Ben Lobaugh

An introduction to setting up SSH keys for server management

Utilizing SSH keys in conjunction with the servers you connect to is a great and highly recommended security practice. SSH stands for “Secure Shell” and enabling SSH for a server creates a secure channel between you (via the command line) and your server.

SSH keys help the server validate and authenticate who you are. SSH servers can even be set up to require a known valid SSH key before the server will acknowledge you and begin the login process.

Using SSH from a Linux or Mac system is straightforward. You may not realize it but your system will automagically generate an SSH key for you the first time you use SSH if you do not have one already. This key will then be sent with all subsequent requests to that server and all other servers. This is a great start; however, it is possible to maintain multiple SSH keys on your system.

If the one SSH key allows you to get into all your systems, why would you want additional keys? Simple: extra security.

Having a unique key per system you log into adds security because that key can be used on that system and no other. If your account somehow gets compromised and the key to the server is taken, you do not have to worry about all the other systems you have logged into with that key, or remember to go secure them. You simply delete the key for that system and generate another.

Managing multiple keys is easy. Let me show you how you can accomplish this on your own system.

This tutorial assumes you have basic knowledge of the command line. It was originally written as part of a series of CLI (command line interface) cheat sheets, and I’m reposting it here so that a broader audience can take advantage of SSH for server management. The CLI cheat sheet has other excellent resources I recommend you check out as well.

Where to find SSH files

All the SSH files live in a hidden folder .ssh in your user directory. If your system is using the generic key file this folder may not exist. You can safely create this folder yourself. We will be working out of it for the remainder of this tutorial.

We will also be working from the terminal for the rest of this process.

Open up your terminal and get set up.

cd ~/.ssh

If you get an error that the directory does not exist, create it with:

mkdir ~/.ssh

Let's make some keys!
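One way to set up the one-key-per-server layout described above, as an added example that is not code from the original post. The function names, the `id_ed25519_<alias>` file naming, the `SSH_DIR` override and the sample host `web1.example.com` are assumptions of this example.

```shell
#!/bin/sh
# Added example: one key pair per server, selected through ~/.ssh/config.
# SSH_DIR can be overridden (an assumption of this example) to try it safely.
SSH_DIR="${SSH_DIR:-$HOME/.ssh}"

# Create the .ssh folder if it is missing and keep it readable by the owner only.
ensure_ssh_dir() {
    mkdir -p "$SSH_DIR" && chmod 700 "$SSH_DIR"
}

# key_path_for ALIAS: print the path of the private key dedicated to ALIAS.
key_path_for() {
    printf '%s/id_ed25519_%s\n' "$SSH_DIR" "$1"
}

# add_host_stanza ALIAS HOSTNAME USER
# Append a Host block that binds ALIAS to its own key. IdentitiesOnly stops
# the client from offering any other key it holds to this server.
add_host_stanza() {
    alias_name=$1 host=$2 user=$3
    config="$SSH_DIR/config"
    ensure_ssh_dir || return 1
    # Refuse to add the same alias twice.
    if [ -f "$config" ] && grep -qxF "Host $alias_name" "$config"; then
        echo "Host $alias_name already in $config" >&2
        return 1
    fi
    {
        printf 'Host %s\n' "$alias_name"
        printf '    HostName %s\n' "$host"
        printf '    User %s\n' "$user"
        printf '    IdentityFile %s\n' "$(key_path_for "$alias_name")"
        printf '    IdentitiesOnly yes\n\n'
    } >> "$config"
    chmod 600 "$config"
}

# new_host_key ALIAS HOSTNAME USER: generate the key, then register it.
new_host_key() {
    key=$(key_path_for "$1")
    ensure_ssh_dir || return 1
    [ -e "$key" ] && { echo "$key exists, not overwriting" >&2; return 1; }
    # ssh-keygen prompts for a passphrase that protects the key file on disk.
    ssh-keygen -t ed25519 -f "$key" -C "$1" || return 1
    add_host_stanza "$1" "$2" "$3"
}

# Example (constructed host): new_host_key web1 web1.example.com deploy
```

After the matching `.pub` file is installed on the server, `ssh web1` uses only that key. Retiring the key means deleting its two files and its `Host` block, and removing the public key from the server.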
