←back to thread

Sign arbitrary data with your SSH keys

(www.agwa.name)
637 points h1x | 2 comments | 13 Nov 21 09:13 UTC | HN request time: 0.423s | source
1. yewenjie ◴[13 Nov 21 11:46 UTC] No.29209151[source]
Is it a good practice to use only one SSH key pair or different pairs for different things? Also, how do people usually store SSH keys for long term?
replies(1): >>29209745 #
2. elric ◴[13 Nov 21 14:00 UTC] No.29209745[source]
I use a different key pair for every service. Where "service" is defined pretty loosely. All the company servers I access for work, for instance, use the same key pair. But I have different key pairs for github, gitlab, etc. I also have a work github account for FOSS contributions, which uses a different key pair than my personal github account.

I have a config file per identity (work, personal, second job, etc) in ~/.git/config_$identity. Each of those files contains a Host entry with key configuration for every service I use. I rely on a bit of shell foo to to select the correct identity (an environment variable and an alias).

Life would be a bit easier if ssh_config supported the use of variables in Include statements, that way I could just Include ~/config_${identity}. Oh well.