You are not logged in.
I currently use two different SSH keypairs to access two different hosts (let's call them Host A and Host B). The private keys for these keypairs are stored under the home directory of my main account (let's call it /home/jalu), as I rarely need to use the keys elsewhere.
There's one problem. I would like to use duplicity in a root cron job back up Host A and Host B. This would be easy of duplicity could use private key authentication, but it can't -- the keys were set up for the user jalu, not root.
What is the best way to give root access to private key authentication for these hosts? Should I copy my private keys to /root/.ssh/id_rsa? Should I generate a new keypair for the root user? Should I use ssh -i? Are there security risks with any of these approaches?
This is one of those issues where many approaches could work, but I just want to be sure that I'm doing things the right way. Any insight would be greatly appreciated. Thanks in advance.
Last edited by jalu (2010-08-30 04:28:12)
Offline
Create a new key-pair for duplicity.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Thanks for the help, fukawi2.
I thought that might be the solution, but I wonder why. Is this for security reasons or something similar?
Last edited by jalu (2010-08-30 15:47:47)
Offline
If your keys get compromised, you don't want that to make 'root' available to whoever gets your keys. And conversely, if the root keys get compromised, then you don't want the machines with your keys to be accessible.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Interesting. Thank you for the information.
Just to clarify, the keys don't provide root access to the servers. The keys provide standard user access to the servers (they're shared hosts), but I was hoping to share those keys with the root user on my local machine.
Offline