Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What Goes Into an SSH Public Key?

Status
Not open for further replies.
SamBones

SamBones

Programmer
Aug 8, 2002
3,186
0
36
US
Ok, my Google Fu has failed me. I can't find the answer to this one on the web. I turn to Tek-Tips seeking an answer.

The question came up here at work, what goes into the creation of an SSH public key? IP? Hostname? Hostid? Something else?

That is, if I create a public key on one machine, say with an IP address of 10.1.1.23, but then the machine crashes and burns and we bring in fresh hardware, fresh OS install, but it's set up with the same IP address, will my old public key still work? That is assuming that I've restored my matching private key from backup.

In other words, is the only thing that needs to match are a ssh-keygen generated private and public key pair? Or, does a changing IP affect it? Other system changes?

The background on this is that when creating an Amazon EC2 instance, you get an ephemeral IP address that can change when you create an instance. We're trying to pre-share SSH keys to automate certain set-up things, but we're having trouble getting a key to work. Just wondering what goes into creating the public key to try to find a solution.


 
Sort by date Sort by votes
I don't know what goes into making up the key, but I do know it can be restored and it will work.

It can also be copied to other machines and/or users, and still work.

The private rsa key would be called (by default) [tt]id_rsa[/tt]. You can actually copy that file to another user on another machine, and they would be able to ssh to any account on any machine that has the public key side of the pair of files installed ([tt]id_rsa.pub[/tt]). That's why it's pretty essential that private keys are protected.

So, it's mostly just that the pair of key files match each other, public and private, rather than the actual machines or user ids you are coming from or going to. That's why it's critical for security to protect private keys.

This is pretty easy to test if you have a couple test machines.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Solved
Not able to log into my previous account, and there's no "Forget Password"
Replies
15
Views
816
Chris Miller
Chris Miller
DrB0b
  • Locked
  • Question
Help Please, Trying to Convince Company Mixing Personal and Corporate Email is Bad Practice
Replies
9
Views
233
DrB0b
DrB0b
jmkelly
  • Locked
  • Question
Interesting port-scanning attack--anyone seen this?
Replies
4
Views
78
iggsterman
iggsterman
nate901
  • Locked
  • Question
(1) Cell phone app security and (2) Shared-site login security
Replies
1
Views
57
Noway2
Noway2
akacommie
  • Locked
  • Question
Text Message and Mobile Encryption Product
Replies
0
Views
44
akacommie
akacommie

Part and Inventory Search

Sponsor

Back
Top