Last Updated: February 25, 2016
· wdroste

Why share a private SSH key?

It seems counterintuitive, but this is what Amazon EC2 does when it creates security key pairs. The PEM file is a private RSA key. This is nice in that one does not have to upload each and every person's public key to the server. The next issue, though, is providing temporary access to the servers.

In my current job there's always a need to get into a customer's deployment to help figure out an issue with integrated and highly complex enterprise software.

Here's how I recommend doing it, so that access is temporary and easy.

  1. Ask the customer to create a private/public key pair with 'ssh-keygen -t rsa -f .ssh/mycompany' as a temporary user or an admin user on the box in question.

  2. Have the customer send the private key to you.

  3. Have the customer append the public key to 'authorized_keys'.

Once the fix is complete and you no longer need access, the customer can simply remove the public key from 'authorized_keys'.
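
The customer-side steps above, including the removal at the end, as a small script. This is an added example, not part of the original post; the function names, the '-C' label and the optional directory argument are assumptions, and the key name 'mycompany' is taken from step 1.

```shell
#!/bin/sh
# Added example, run by the customer on the box in question.
# Assumption: key pair is named "mycompany"; directory defaults to ~/.ssh.

make_key() {            # step 1: create the temporary key pair
    dir="${1:-$HOME/.ssh}"
    mkdir -p "$dir" && chmod 700 "$dir"
    # ssh-keygen prompts for a passphrase; -C labels the key for later audits
    ssh-keygen -t rsa -C "mycompany-temporary-support" -f "$dir/mycompany"
}

key_blob() {            # base64 field of the public key; identifies it uniquely
    awk '{print $2; exit}' "${1:-$HOME/.ssh}/mycompany.pub"
}

is_granted() {          # succeeds while the key is still authorized
    blob=$(key_blob "$1")
    [ -n "$blob" ] &&
        grep -qF -- "$blob" "${1:-$HOME/.ssh}/authorized_keys" 2>/dev/null
}

grant_access() {        # step 3: append the public key, but only once
    dir="${1:-$HOME/.ssh}"
    touch "$dir/authorized_keys" && chmod 600 "$dir/authorized_keys"
    is_granted "$dir" || cat "$dir/mycompany.pub" >> "$dir/authorized_keys"
}

revoke_access() {       # after the fix: drop only this key's line
    dir="${1:-$HOME/.ssh}"
    blob=$(key_blob "$dir")
    [ -n "$blob" ] || return 1
    # grep -v exits 1 when no lines remain; that is not an error here
    ( umask 077
      grep -vF -- "$blob" "$dir/authorized_keys" > "$dir/authorized_keys.tmp"
    ) || true
    cat "$dir/authorized_keys.tmp" > "$dir/authorized_keys"  # keeps mode/owner
    rm -f "$dir/authorized_keys.tmp"
}

case "${1:-}" in        # usage: script make|grant|revoke [ssh-dir]
    make)   make_key "$2" ;;
    grant)  grant_access "$2" ;;
    revoke) revoke_access "$2" ;;
esac
```

Matching on the key's base64 field rather than the whole line means the removal still works if options were later prefixed to the entry, and other users' keys in 'authorized_keys' are left untouched.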