Can one single SSH key be used to push to different Git remotes?
Question
Usually,I generate different SSH keys for pushing to multiple Git servers.
Today,my colleague showed me that he uses the same id_rsa.pub file for pushing to both GitHub and our LAN GitLab server.
Can one single SSH key be used to push to different Git remotes?
What is the reason that we have to generate multiple SSH keys for different remote servers?
3 answers
solution1
7 2013-09-21 06:09:59
To address both of your questions:
Q1. Can one single SSH key be used to push to different Git remotes?
Yes, assuming you are using the one id_rsa.pub or otherwise named public key, together with your private key on all of your development workstations, then simply uploading that one public key to multiple Git hosts will allow you the same access as you currently get from the multiple keys.
This will also make your production life a bit easier, without having to manage multiple keys and ensuring you connect with the right one each time you communicate with the server.
If you use multiple workstations (ie, home and office), you may also choose to use the same public/private key-pair on each of your local workstations. This further reduces the number of different keys you need to keep track of.
Q2. What is the purpose that we have to generate multiple SSH keys for different remote server?
There is no reason that you have to generate multiple keys for multiple remote Git repository servers, as indicated by the answer to your first question.
As Jan Hudec has mentioned though, the reason one might choose to use different keys for different Git repositories, would be for an additional layer of security or management control.
Further reading on using SSH with Git is available at Bitbucket and GitHub
solution2
1
是的,只要每个服务器都有一个公钥副本,就可以为多个服务器使用相同的公共/私有ssh密钥对。
solution3
1 2013-09-02 14:00:34
In ssh, the private key is the one on the client and you push the public key to the servers you want to log in to.
Normally you generate separate key for each passphrase-less key used in some script to minimize the damage if the key gets stolen.
But I don't see any good reason to generate multiple identities for manual use. Everything that involves manual use by me always uses the same passphrase-protected id_rsa , usually unlocked in ssh-agent.
You can also use separate keys for similar reason, but unless you protect each with different passphrase, there is no point as all the private keys live in the same directory on the same disk.
Of course on different workstation you should definitely have different private key, but it will again be used for everything done from that machine.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.