Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

Question

Is it secure to have multiple servers with the same SSH key?

Posted February 22, 2021 396 views
UbuntuSecurityGit

Let’s say I have configured a server with the LAMP stack and set up an SSH key which is configured as an access key for a git repository.

After configuring this server, I also want to create a staging and development server, so I create a snapshop of the server and create two copies of this snapshot. This results in 3 servers with the same SSH keys used to access the GIT repository. These SSH keys are only used for read access to the GIT repository.

Are there any reasons (security wise) to not do this, and make sure a unique SSH key is configured for each copy of the original server?

Thanks in advance!

I found this thread that revolves around the same questions, but as that’s quite old, I was wondering what the current viewpoint on this matter is.

Add a comment
hugokamps
By:
hugokamps

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers
denislavgavrilov February 22, 2021

Hey there, @hugokamps,

I don’t think there is a reason to create separate keys for each server. As long as you keep your key secure, you should be fine.

The only problem there could be, would be if somebody breaches your key (highly unlikely imo) he would have access to your other servers. But yet again, this is your private key so you should be fine with only one.

Take a look at this answer here as well.

Hope this helps.

Best,
Dennis

Reply Report
  • m1ryamfv June 27, 2021

    Hello,

    I have one Droplet with ssh access Im trying to create a second Droplet and use the same public key on my computer but it tells me that key is already being used in my account.

    I thought adding it to your account meant I could use it in multiple droplets? I’m I doing something wrong or should I just create another with a different name? Thanks in advance

    Reply Report
alexdo February 23, 2021

Hello, @hugokamps

I would say you should not worry about this. Your private key is locked down on your computer. I personally use different ssh-keys for personal and work-related projects, but this is just me. You can also have a jump-box server to connect to other servers and use different ssh-keys.

Regards,
Alex

Reply Report

Related

Looking for something else?

Ask a new question Search for more help