Is it possible/good practice to use same private key for two servers for passwordless login from the same workstation/localserver?
I have two websites. One website is a clone of the other website. When I checked the sshd_config
file in both the sites they are exactly similar, except one uses authorized_keys
as the identification and the other uses Known_keys
as the identification, I hope this is not a problem since the path are defined accordingly showing the location and the file name of the public key.
I am wondering why am I not able to login with the same private key of same machine whose public key is up in the both servers.
Am I missing some information? Or it's not possible?
This question is actually three separate questions.
Question 1:
Is it possible to use the same keypair for SSH access to two or more servers?
Answer 1:
Yes, it is possible, many people (self included) do it regularly. There is no reason why it would be in any way limited to one server. We're assuming that you're talking about client keypairs and not server certificates. A client keypair authenticates the client, i.e. the machine attempting to gain access to an SSH session. You can most definitely re-use your client keypair, and one server will be none the wiser that your keypair is used on other servers.
Question 2:
Is it recommended to use the same keypair for SSH access to two or more servers?
Answer 2:
Depends on who you ask, and how rigorous your security plan is. There are added risks of using the same keypair for two or more remote hosts. These risks are above and beyond the nominal risks of using a keypair at all for one host.
Anyone obtaining your private key (as well as the private key passphrase, if applicable) will be able to access all systems that your private key authenticates. The problem then devolves to the attacker knowing the hostnames of all the servers that your private key is authenticated to, and the user accounts on each of those hosts that consider your public key an authorized key. This increases the potential damage that can be done in the event that your private key is stolen.
Note that it is not an authentication risk if someone obtains only your public key: for all you care, you may as well put your SSH public key up on your homepage. You can even safely post it here in your question just for kicks and giggles, with absolutely no security implications. It's called public for a reason.
If you have any reason to suspect that your private key is anything but completely secure, and you are worried that the damage would be significantly greater if both systems were compromised, then you can create two private keys. But, if you store both private keys on the same system, and they either have no passphrase, the same passphrase, or the passphrases themselves are stored somewhere (a piece of paper, LastPass, etc) in the same place, then having two separate keypairs is not actually adding any security. But if you use full disk encryption and have a well-secured client system, then the risk of having your private key and passphrase stolen is relatively low.
By the way, if you are using private keys without any password at all, then you better not be doing anything worth more than a few dollars on your systems. If you're conducting any sort of official business, commercial or otherwise, in my opinion it is absolutely essential to use a strong, unique password that is not written down anywhere for a private key that gains access to any system of value. If you're dealing with customers' personal information (credit card numbers, etc), make that "absolutely essential" up there in 72 pt font and 10 times bolder. If you're dealing with government classified information, make that "absolutely essential" in 5000 pt font and 5000 times bolder.
Question 3:
Why doesn't my public key authentication work?
Answer 3:
This depends on your specific setup. You didn't give us any specific details about why it doesn't work. We need specifics. Error messages, detailed logs (but omit passwords and usernames and IP addresses!), and a list of the software and versions you're using for both the SSH client and the SSH server, and the operating system and version of both systems.
However, I strongly suspect that one reason why it isn't working is that you're using the wrong file on one of the systems. known_keys
is not for public key authentication; it's for the SSH client (the client on which the known_keys
file resides) to cache the public keys of the servers that it connects to. You should be using authorized_keys
on both systems. (Kudos to the other person answering your question for posting this fact a few seconds before me :))
known_keys
and authorized_keys
are completely different stuff.
The authorized_keys
file is where you must put the public keys which match the private keys you are going to use to access the server. It is supposed to be on the servers you want to get into.
known_keys
is a file where the remote servers' fingerprint is stored so you know that if you try connecting there again it is really the server you expect to be. That is to prevent man-in-the-middle attacks, where someone could spoof the hostname or IP address of the remote server to steal information you might supply thinking you were connected to the right one. This file is automatically created or updated when you try to connect somewhere new, so note it is related to SSH operation as a client. If you see this file on your server you probably tried to connect from it to somewhere else.