Multiple SSH private keys

I covered my ideal ssh config settings a few days ago, but I left out one part, my ssh keys. When it comes to ssh keys I like to use a different key for different servers, or groups of servers.

I have one ssh key I use at work, one for my personal websites, and at the moment a 3rd for a side-project I’m working on.

You can specify which key to use when connecting to a server with:

ssh -i ~/.ssh/identity_key_file dev.example.com

This is fine if you don’t mind specifying which key to use every time you connect to as server.

If you have read my previous post about my ideal ssh config, and set up your own, then why not add ssh key’s to the config (if you use them)

Host carlcasbolt blog
User ccasbolt
HostName 216.239.32.10
IdentityFile ~/.ssh/id_dsa.personal

Host dev
User ccasbolt
HostName dev.example.com
IdentityFile ~/.ssh/id_dsa.work

Host *
User ccasbolt

The ssh key files are named id_dsa.personal and id_dsa.work so that they are will not be used on all ssh connections. By default ssh will attempt to use id_dsa / id_rsa as your private key file. If it is not present then it cannot be used. You can of course name your default ssh key (or most commonly used one) one of these names and then unless you specify otherwise (ssh config or the parameter -i identity) it will be used.

Creating a private key:

Just in case you need to know how to create your own private keys:

ssh-keygen -t dsa -f ~/.ssh/id_dsa.work

Which will create a DSA private and public key pair with the names id_dsa.work and id_dsa.work.pub.

ssh-keygen -t rsa -f ~/.ssh/id_rsa.work

Which will create an RSA private and public key pair with the names id_rsa.work and id_rsa.work.pub.

One thought on “Multiple SSH private keys”

  1. Very Cool. I never realised you could set multiple private ssh key’s like this. I assumed that you could only have one, and had to upload the same public key to everywhere you want to use it.

    I will have to update my key’s and create a second set for personal stuff rather then use my uni one everywhere.

Leave a Reply

Your email address will not be published. Required fields are marked *