Method to deprecate SSH key Pair locally

I've been using my SSH keys for a while. I'm thinking about upgrading my SSH key pair to stronger encryption, and I don't know all the devices where my keys are registered.

Is it possible to "deprecate" an SSH key locally so that I receive a warning if I authenticate with a deprecated SSH key?


Solution 1:

I don't know of any way to do something like this, but I can see how it would be useful. What I'd be inclined to do is to stop adding the deprecated key to my SSH agent. That way, every time it gets used, I'll have to re-enter the passphrase. If it's something like, "ugh, another one to fix", then it'll remind me each time that I've got to go rotate my key on that machine, too.

Solution 2:

You can move the old SSH key to a non-default location (i.e., ~/.ssh/deprecated_id_rsa) and then create a new SSH key with your desired properties at ~/.ssh/id_rsa.

That way you still have your deprecated key available if needed (ssh -i ~/.ssh/deprecated_id_rsa ...), but you will default to using your new key.
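The procedure from Solution 2, written out as a small POSIX shell script. This is an added example, not code from either answer: it moves a key pair out of the default path, generates a replacement, and wraps the old key in a function that prints a reminder on every use (which also gives the warning the question asks for, in the spirit of Solution 1). The function names deprecate_key, generate_new_key and ssh_deprecated are assumptions made for this example; SSH_DIR defaults to ~/.ssh. It goes beyond the answer in one respect: the new key is generated as ed25519 at ~/.ssh/id_ed25519, which ssh also tries by default, rather than overwriting ~/.ssh/id_rsa.

```shell
#!/bin/sh
# Added example (not from the original answers). Deprecate an SSH key pair
# locally by moving it out of the default path, then make the old key
# usable only through an explicit wrapper that warns on every use.

SSH_DIR="${SSH_DIR:-$HOME/.ssh}"   # assumption: keys live in ~/.ssh

# deprecate_key NAME
# Moves $SSH_DIR/NAME and NAME.pub to $SSH_DIR/deprecated_NAME(.pub).
# ssh will no longer pick the key up automatically, because it only tries
# the default file names (id_rsa, id_ecdsa, id_ed25519, ...).
deprecate_key() {
  name="$1"
  src="$SSH_DIR/$name"
  dst="$SSH_DIR/deprecated_$name"
  [ -f "$src" ] || { echo "no private key at $src" >&2; return 1; }
  [ -e "$dst" ] && { echo "refusing to overwrite $dst" >&2; return 1; }
  mv "$src" "$dst"
  [ -f "$src.pub" ] && mv "$src.pub" "$dst.pub"
  chmod 600 "$dst"                 # private key must stay owner-readable only
  return 0
}

# generate_new_key [COMMENT]
# Creates a fresh ed25519 pair at the default location so plain `ssh host`
# offers the new key first. Prompts for a passphrase interactively.
generate_new_key() {
  ssh-keygen -t ed25519 -f "$SSH_DIR/id_ed25519" -C "${1:-$(whoami)@$(hostname)}"
}

# ssh_deprecated HOST [ARGS...]
# Use the old key explicitly and print a reminder to rotate it on that host.
# IdentitiesOnly=yes stops ssh from also offering keys from the agent.
ssh_deprecated() {
  echo "WARNING: using deprecated key $SSH_DIR/deprecated_id_rsa for $1; rotate the key on that host" >&2
  ssh -i "$SSH_DIR/deprecated_id_rsa" -o IdentitiesOnly=yes "$@"
}

# Typical use (commented out so the script can be sourced):
#   deprecate_key id_rsa
#   generate_new_key "laptop 2024 rotation"
#   ssh_deprecated old-server.example   # constructed host name
```

After sourcing the script, `deprecate_key id_rsa` refuses to run if the destination already exists, so it will not silently clobber an earlier deprecated key. Once the new public key has been installed on a host, plain `ssh host` uses it and the wrapper is no longer needed for that host.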