Ubuntu Core - best practice for backup public/private keys

In my opinion, the more keys you have on the device, the wider the attack surface. Only one key needs to leak, and now you have more that CAN leak.

In some situations that makes sense, but I'm not sure what you're gaining in the scenario you described. If SSH key A is compromised, someone with that key can gain access to the device. Period. SSH key B, which also has access to the device, isn't in the picture at all. So using SSH key B to gain access to the device to "revoke" SSH key A doesn't make a lot of sense. The fact that SSH key A is compromised obviously doesn't make it useless. You could just as easily ONLY use SSH key A, and use it again to gain access to the device and swap it out for SSH key B in the event of a compromise. Then you only ever have one key with access to the device. Same security model you have now, but your attack surface isn't as wide.

It would be even better if Ubuntu Core provided a way to refresh the keys on the devices linked to your SSO account (that would help with the lost-key scenario as well), but I don't believe that functionality exists today (see LP #1646559).
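
What swapping key A out for key B could look like on the device, so that only one key ever has access. This is an added example, not part of the original post; `rotate_key` is a hypothetical helper, and it assumes the account's keys live in a plain `authorized_keys` file whose path you pass in.

```shell
#!/bin/sh
# Added example, not from the original post. rotate_key is a hypothetical helper.
# Usage: rotate_key <authorized_keys file> <file holding the new public key>
rotate_key() {
    auth_file=$1
    new_pub=$2

    # Exactly one non-empty line, so no second key slips in with the new one.
    if [ "$(grep -c . "$new_pub" 2>/dev/null)" != 1 ]; then
        echo "rotate_key: $new_pub must hold exactly one key" >&2
        return 1
    fi

    # Must look like a public key line: "<type> <base64 blob> [comment]".
    read -r ktype blob _comment < "$new_pub" || true
    case $ktype in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp*|sk-ssh-ed25519@openssh.com) ;;
        *) echo "rotate_key: unrecognised key type '$ktype'" >&2; return 1 ;;
    esac
    [ -n "$blob" ] || { echo "rotate_key: missing key blob" >&2; return 1; }

    # Let OpenSSH parse the key when ssh-keygen is installed.
    if command -v ssh-keygen >/dev/null 2>&1; then
        ssh-keygen -l -f "$new_pub" >/dev/null 2>&1 || {
            echo "rotate_key: ssh-keygen rejected $new_pub" >&2; return 1; }
    fi

    # Count the keys being dropped (ignores blank lines and comments).
    old=0
    if [ -f "$auth_file" ]; then
        old=$(grep -cvE '^[[:space:]]*(#|$)' "$auth_file" || true)
    fi

    # Write beside the target and rename, so sshd never reads a half-written
    # file and a failure leaves the current key in place.
    tmp=$(mktemp "$(dirname "$auth_file")/.authorized_keys.XXXXXX") || return 1
    grep . "$new_pub" > "$tmp" && chmod 600 "$tmp" && mv -f "$tmp" "$auth_file" || {
        rm -f "$tmp"; return 1; }

    echo "replaced $old key(s) with 1"
}
```

Sessions already opened with the old key stay connected after the swap, so close them separately.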