-4

I'm using ssh keys to log in some servers. My private keys hasn't a passphrase, but I'd like to store it in an encrypted online storage service. Is that safe? Are there any free available options? If I decided to add a passphrase to my key, could I safely store it in services such as Google Drive?

Is there a way to use the same key both with and without passphrase or should I make two different? In that way, I could use the first on my personal laptop and store the latter on GDrive.

kinder
  • 35
  • 1
  • 7
  • 1
    1) if you think an encrypted online service is more secure than adding a passphrase to the key and storing it locally, you're trusting the cloud admins more than yourself; that's not sensible. 2) if you want to look into ways of securely storing a local key, consider using a smart card (examples include [the FSFE Fellowship Smart Card](https://fsfe.org/fellowship/card.en.html)). – MadHatter Aug 27 '14 at 10:39
  • I don't need it to be more secure, just believe that it might be quicker to log in servers if I had not to digit the passphrase every single time. – kinder Aug 27 '14 at 11:05
  • That's what `ssh-agent` is for. – Michael Hampton Aug 28 '14 at 17:11

2 Answers2

4

Protect your SSH key with a passphrase and use an SSH Agent so that you only have to type the passphrase when loading the key to the agent. See man ssh-agent, ssh-agent on wikipedia and Using Pageant

ptman
  • 28,394
  • 2
  • 30
  • 45
1

What I personally do is store it in a Keepass database that has a password and use the KeeAgent plugin for Keepass. I also sync Keepass with S3 using a plugin.

Florin Asăvoaie
  • 7,057
  • 23
  • 35