What should ssh keys authenticate? A person? a person physical computers? a person usernames?
I just spin up droplet, generated a ssh key pair from my pc, and added it to the droplet via the DO GUI for the root user. Now within ubuntu I’m creating a sudo user and will add keys to it. Should i generate a new key pair from the server itself and use those? or is it ok to reuse the keys from the root user?
The way i see it, if a create a new key pair for the sudo user, i might never again use the keys for the root user.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Think of SSH keys like very advanced passwords - you should never re-use the same password two places either. Keys should unique for each user, for each person who login. That way you can revoke (delete) a specific key, but everyone else still keeps their access. This is dumbing down the beautiful, complex structure of SSH keys, but you’re already on the right path with keeping it unique, so I think you get the point of it :)
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.