
I have recently begun making use of RSA key pairs to log in to various servers I manage and wanted to get some insight on best practice, as I recently ran into some issues.

Is it best practice to keep only one RSA key on your local machine and register the same key with each server you are going to log in to? I recently tried adding an additional key for a new server I need to access and it was not working correctly.

Thank you in advance.

jnolte
    Make sure you `chmod 700 ~/.ssh` and `chmod 600 ~/.ssh/authorized_keys` on the server side. ssh won't allow key logins if the .ssh directory and authorized_keys file are overly permissive. – chown Nov 01 '11 at 20:01

1 Answer

I'm not sure if it's "standard" or not, but if you're going to use more than one key you will need to specify which one you want to use on the command line, or specify it per host in your ~/.ssh/config file. From the OpenSSH man page:

     -i identity_file
         Selects a file from which the identity (private key) for public key authentication is read.  The default is
         ~/.ssh/identity for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and ~/.ssh/id_rsa for protocol
         version 2.  Identity files may also be specified on a per-host basis in the configuration file.  It is
         possible to have multiple -i options (and multiple identities specified in configuration files).  ssh will
         also try to load certificate information from the filename obtained by appending -cert.pub to identity
         filenames.

Example config entry:

    # ~/.ssh/config: use a specific private key only for this host
    Host remote.host.example.com
        IdentityFile ~/tmp/example_rsa
Andy M.
  • Thanks for the insight, this is definitely helpful for adding keys. My main reasoning was to get some insight on best practice and why someone would use one key instead of many. +1 – jnolte Nov 03 '11 at 04:24
  • In practice most people use one key just because it's easier. I've had to use multiple keys before because the admin of a remote site generated my keypair for me and sent me my private key (they did this rather than issue passwords). But that seems to be non-standard. – Andy M. Nov 03 '11 at 13:47
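The two practical points in this thread, a per-host `IdentityFile` entry and the server-side permission check from the comment on the question, as an added example that is not code from the original answer or from OpenSSH. It assumes a POSIX shell with `ls`, `chmod` and `mktemp`; `ssh_dir_perms_ok`, `add_host_entry` and the throwaway directory it builds are hypothetical names constructed for the demo, and `IdentitiesOnly` is a real ssh_config option that stops ssh from offering every loaded key before the one you named (which otherwise can trip the server's MaxAuthTries limit once you have several keys):

```shell
#!/bin/sh
# Added example (not from the original thread). Assumes POSIX sh, ls, chmod,
# mktemp. Shows (1) checking that a server-side ~/.ssh directory and its
# authorized_keys carry no group/other permission bits (700 / 600, as the
# comment recommends) and (2) appending a per-host IdentityFile block to an
# ssh client config.

# Print the group+other permission field of a path ("------" when locked down).
# ls -ld output columns 5-10 are the group and other rwx triplets (POSIX).
group_other_bits() {
    ls -ld "$1" | cut -c5-10
}

# Return 0 when DIR has no group/other bits and DIR/authorized_keys (if present)
# has none either; print the first problem found and return 1 otherwise.
ssh_dir_perms_ok() {
    dir=$1
    [ -d "$dir" ] || { echo "missing: $dir"; return 1; }
    if [ "$(group_other_bits "$dir")" != "------" ]; then
        echo "too permissive: $dir ($(ls -ld "$dir" | cut -c1-10)), want 700"
        return 1
    fi
    ak="$dir/authorized_keys"
    if [ -f "$ak" ] && [ "$(group_other_bits "$ak")" != "------" ]; then
        echo "too permissive: $ak ($(ls -ld "$ak" | cut -c1-10)), want 600"
        return 1
    fi
    return 0
}

# Append a Host block to CONFIG that maps HOST to the private key KEY.
# IdentitiesOnly yes makes ssh offer only this key for this host.
add_host_entry() {
    config=$1 host=$2 key=$3
    printf 'Host %s\n    IdentityFile %s\n    IdentitiesOnly yes\n\n' \
        "$host" "$key" >> "$config"
}

# Demo on a throwaway directory tree (constructed, not a real account).
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/.ssh"
    : > "$root/.ssh/authorized_keys"
    chmod 755 "$root/.ssh"; chmod 644 "$root/.ssh/authorized_keys"
    ssh_dir_perms_ok "$root/.ssh" && echo "unexpected pass"   # reports 755
    chmod 700 "$root/.ssh"; chmod 600 "$root/.ssh/authorized_keys"
    ssh_dir_perms_ok "$root/.ssh" && echo "permissions ok"
    add_host_entry "$root/config" remote.host.example.com "~/.ssh/example_rsa"
    cat "$root/config"
    rm -rf "$root"
}

demo
```

Run it as a script to see the failing and passing permission checks followed by the generated config block; point `ssh_dir_perms_ok` at a real `~/.ssh` on the server when a key login is refused for no obvious reason, since sshd (with the default StrictModes) silently ignores keys in a directory it considers too open. The check here is deliberately stricter than sshd's minimum, which only rejects group/world-writable paths.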