SSH Key Best Practices
stacksofplates last edited by
Is it best practice to use one key for multiple servers or to use one key per server?
DustinB3403 last edited by DustinB3403
1 key per server.
if any server is compromised otherwise, you'd only have to generate a new key, and fix the security holes with that server.
Alternatively if you shared a key between several servers and that key is compromised, you have to create and redistribute that key out and fix the security holes on every server.
scottalanmiller last edited by
It is standard for there to be a new key generated for each 'from' server and to share it to many other servers. The key infrastructure is one to many. The private key should exist in just one place while the public would exist in many places.
AVI-NetworkGuy last edited by
Decent guide for this from NIST: