Best practices for SSH public keys in config

Flameopathic · April 18, 2024, 1:23pm

i’m fairly new to dealing with SSH stuff, and my current setup has the public SSH keys of my main machines listed in my public configuration repository. is it generally safe to have it set up like this, and then just generate new keys for each new machine, and put them in the file so i can connect to my servers via SSH? is there a better or safer way?

p.s. i will ask my question elsewhere upon request, i know that this is mainly for NixOS specifics, but i thought it’d be a good place for me to get good help on something specific to the way NixOS is configured

lovirent · April 18, 2024, 1:35pm

hey,
yes; it is generally safe to expose ssh public keys. This is the most practical way of doing it.
there are also tools to manage private keys with nix, like shoji-nix

daylinmorgan · April 18, 2024, 3:31pm

If you weren’t aware the public SSH keys associated with your github account are already accessible to everyone at https://github.com/Flameopathic.keys