Question

Is it secure to have multiple servers with the same SSH key?

Posted February 22, 2021
Tags: Ubuntu, Security, Git

Let’s say I have configured a server with the LAMP stack and set up an SSH key which is configured as an access key for a git repository.

After configuring this server, I also want to create a staging and development server, so I create a snapshot of the server and create two copies of this snapshot. This results in 3 servers with the same SSH keys used to access the GIT repository. These SSH keys are only used for read access to the GIT repository.

Are there any reasons (security-wise) to not do this, and make sure a unique SSH key is configured for each copy of the original server?

Thanks in advance!

I found this thread that revolves around the same questions, but as that’s quite old, I was wondering what the current viewpoint on this matter is.

2 answers

Hey there, @hugokamps,

I don’t think there is a reason to create separate keys for each server. As long as you keep your key secure, you should be fine.

The only problem would be that if somebody breaches your key (highly unlikely imo), he would have access to your other servers. But then again, this is your private key, so you should be fine with only one.

Take a look at this answer here as well.

Hope this helps.

Best,
Dennis

Hello, @hugokamps

I would say you should not worry about this. Your private key is locked down on your computer. I personally use different ssh-keys for personal and work-related projects, but this is just me. You can also have a jump-box server to connect to other servers and use different ssh-keys.

Regards,
Alex
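
For the scenario in the question (three servers cloned from one snapshot), the following added example, which is not part of either answer, groups servers by the fingerprint of their deploy public key so you can see which hosts a single key covers and would need re-keying together. The host names, the inventory layout and the sample keys are constructed for illustration; in practice the lines would come from each server's `.pub` file.

```python
import base64
import hashlib
import struct
from collections import defaultdict

def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint of an OpenSSH public key line, as `ssh-keygen -lf` prints it."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("not an OpenSSH public key line")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob starts with a length-prefixed key type that must match field 1.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != fields[0]:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def shared_keys(pubkeys_by_host: dict) -> dict:
    """Map fingerprint -> sorted hosts, only for keys found on more than one host."""
    hosts = defaultdict(set)
    for host, lines in pubkeys_by_host.items():
        for line in lines:
            line = line.strip()
            if line and not line.startswith("#"):
                hosts[fingerprint(line)].add(host)
    return {fp: sorted(h) for fp, h in hosts.items() if len(h) > 1}

def constructed_ed25519(seed: bytes, comment: str) -> str:
    """Build a syntactically valid ssh-ed25519 line from made-up key bytes (sample data only)."""
    key = hashlib.sha256(seed).digest()  # 32 bytes; not a real key pair
    ktype = b"ssh-ed25519"
    blob = struct.pack(">I", len(ktype)) + ktype + struct.pack(">I", len(key)) + key
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

# Constructed inventory: staging and dev were cloned from the production snapshot;
# "rebuilt" stands for a server that was given its own key afterwards.
CLONED = constructed_ed25519(b"snapshot", "deploy@prod")
INVENTORY = {
    "prod": [CLONED],
    "staging": [CLONED.replace("deploy@prod", "deploy@staging")],
    "dev": [CLONED],
    "rebuilt": [constructed_ed25519(b"unique", "deploy@rebuilt")],
}

if __name__ == "__main__":
    for fp, hosts in shared_keys(INVENTORY).items():
        print(f"{fp} is on {len(hosts)} hosts: {', '.join(hosts)}")
```

The comment field is not part of the fingerprint, so a cloned key is still detected after someone edits the comment on one of the copies.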