I pair with quite a lot of developers and one thing I have noticed is most of them only use one SSH keypair for all of their services/servers. This isn’t the worst security threat out there but it does pose a significant one. Also it is pretty inconvenient if your public key gets stolen like in the recent CircleCi attack as you need to change the keypair on every service you use.
A multi key setup is pretty easy to implement:
Step 1. Create somewhere to store the key:
mkdir ~/.ssh/githubStep 2. Create the SSH key:
ssh-keygen -t rsa -f ~/.ssh/github/id_rsa -C "github key"Step 3. Add the key to your SSH config:
vim ~/.ssh/configHost github.com
User git
IdentityFile ~/.ssh/github/id_rsaNote: you don’t have to include a user.
Step 4. Test
ssh git@github.com