Re: Multiple private keys



Richard,
You are right about the terminology, the admin actually calls it
"preshared keys", not "shared secret". My mistake.

ed

On Dec 28, 9:04 pm, "Richard E. Silverman" <r...@xxxxxxxx> wrote:
"efair" == efair <ed_f...@xxxxxxxxx> writes:

efair> Hi, I've been using ssh to access a remote server (server A)
efair> from my workstation. The admin of server A do not provide me a
efair> password, he prefers to use "shared secrets" for access control

Btw, this terminology is wrong -- this is not a shared-secret technique,
but rather public key (the whole point is that there *is* no shared secret
here).

efair> -- he creates a userid for me, generates a key pair, puts the
efair> public key in ~/.ssh/ authorized_keys, provides me the userid
efair> and the private key; I copy the private key into id.rsa on my
efair> workstation, and I then ssh into server A. No password prompt
efair> appears.

... and little security appears, either. First, you should generate the
key yourself and send him the public part; there is no need for him to
ever see your private key. Second, if this is for interactive use
consider using ssh-agent instead:

http://www.snailbook.com/faq/no-passphrase.auto.html

efair> Now I need to access another server (server B) from my
efair> workstation. The admin of server B also uses the "shared
efair> secrets". The admins won't use the same keys.

efair> Is there any way to switch back and forth between the two
efair> private keys on my workstation, short of replacing the id_rsa
efair> file every time I want to access A or B?

efair> ed

--
Richard Silverman
r...@xxxxxxxx

.



Relevant Pages

  • Re: Multiple private keys
    ... efair> Hi, I've been using ssh to access a remote server ... efair> from my workstation. ... efair> and the private key; I copy the private key into id.rsa on my ...
    (comp.security.ssh)
  • Re: Multiple private keys
    ... efair> Hi, I've been using ssh to access a remote server ... efair> from my workstation. ... efair> and the private key; I copy the private key into id.rsa on my ...
    (comp.security.ssh)
  • Re: Multiple private keys
    ... efair> from my workstation. ... he prefers to use "shared secrets" for access control ... and I then ssh into server A. No password prompt ... The only big advantage is that you can make *sure*, if you're the admin publishing the key, that it has a passphrase at least to start. ...
    (comp.security.ssh)
  • Re: Multiple private keys
    ... I've been using ssh to access a remote server from my ... provides me the userid and the private key; ... the private key into id.rsa on my workstation, ... The admin of server B also uses the "shared secrets". ...
    (comp.security.ssh)
  • Multiple private keys
    ... I've been using ssh to access a remote server from my ... provides me the userid and the private key; ... the private key into id.rsa on my workstation, ... The admin of server B also uses the "shared secrets". ...
    (comp.security.ssh)