Recipe 17.5. Using Multiple Key Pairs
17.5.1 Problem
You would like to generate separate sets
of keys for accessing different hosts, or different types of
accounts. For example, you would like one SSH key for administering
an FTP server, and a different one for accessing your private user
accounts.
17.5.2 Solution
You can name your key pairs anything you like with
ssh-keygen. ssh-keygen will
automatically append .pub to the public key.
Always create a passphrase!
akkana@windbag:$ ssh-keygen -t rsa -f /home/akkana/.ssh/ftp_key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/akkana/.ssh/ftp_key.
Your public key has been saved in /home/akkana/.ssh/ftp_key.pub.
The key fingerprint is:
95:d2:12:55:66:ba:ec:a8:5c:40:4b:1e:03:2b:6c:ea akkana@windbag
akkana@windbag:~$
When you create a key pair with non-default names, you need to enter
the private key name in ~/.ssh/ssh_config. If
this file does not exist, create it, and make an entry like this:
IdentityFile ~/.ssh/ftp_key
17.5.3 Discussion
There should be a copy of the default ssh_config
in /etc/ssh. When you make changes, the simplest
method is to append your options to the end of the file.
ssh_config is for both user-specific
configurations and system-wide client options. Creating and storing a
copy in a user's home directory configures
user-specific options.
17.5.4 See Also
| 
