| ▲ | est 6 hours ago |
| so it's good practice to store key in non-default location and use ~/.ssh/config to point the path for each host? |
|
| ▲ | 9dev 6 hours ago | parent | next [-] |
| What a great case of "you're holding it wrong!" I need to add individual configuration to every host I ever want to connect to before connecting to avoid exposing all public keys on my device? What if I mistype and contact a server not my own by accident? This is just an awfully designed feature, is all. |
| |
| ▲ | est 5 hours ago | parent [-] | | > add individual configuration to every host I ever want to connect Are you AI? You can wildcard match hosts in ssh config. You generally have less than a dozen of keys and it's not that difficult to manage. | | |
| ▲ | kemotep 3 hours ago | parent [-] | | I have over a dozen ssh keys (one for each service and duplicates for each yubikey) and other than the 1 time I setup .ssh/config it just works. I have the setting to only send that specific host’s identity configured or else I DoS myself with this many keys trying to sign into a computer sitting next to me on my desk through ssh. Like I can’t imagine complaining about adding 5 lines to a config file whenever you set up a new service to ssh onto. And you can effectively copy and paste 90% of those 5 short lines, just needing to edit the hostname and key file locations. |
|
|
|
| ▲ | wasmitnetzen 5 hours ago | parent | prev | next [-] |
| I would say it's best practice to use a key agent backed by a password manager. |
|
| ▲ | geocar 6 hours ago | parent | prev [-] |
| Specifically to use a different key for each host. |
