First, sorry if this question has already been asked/answered – I've searched but perhaps I haven't recognised the answer…
What we have is a cluster of servers which need to access a single remote server using sftp.
We are migrating from one remote server to another at the same (remote) location.
We also want to refresh the public/private key pairs on the configuration as part of an ongoing security review.
My question is – can we have multiple public/private key pairs for the same user between server A and server B?
I want to do this to allow for cutover testing – but am concerned that the software checking keys may only try one of each type (rsa/dsa?) before rejecting the connection method and moving to the next type of key.
Hope it's a straightforward question – please let me know if I need to supply more details.
Best Answer
Yes you can have multiple keypairs for a single user. On the remote site put all of the public keys in the user's ~/.ssh/authorized_keys file. On the local site have each private key in a separate file and then use the -o IdentityFile=/path/to/privatekeyfile to specify which private key to use. You could use to use the default (current?) private key and to use the new key.
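
The rotation described in the answer, as an added example that is not part of the original answer: install the new public key next to the old one, test with a chosen private key, then remove the old key after cutover. The function names, paths and key strings are constructed for illustration, and `IdentitiesOnly=yes` is an addition here so that only the named key is offered, which addresses the question's concern about which keys get tried.

```sh
#!/bin/sh
# Added example: rotate a key while old and new both work during cutover.
# The key strings below are constructed placeholders, not real keys.
OLD_PUB='ssh-rsa AAAAB3NzaC1yc2EAAAAOLDKEYPLACEHOLDER cluster@old'
NEW_PUB='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAANEWKEYPLACEHOLDER cluster@new'

# Print the base64 key blob (2nd field) of a "type blob comment" line.
key_blob() { printf '%s\n' "$1" | awk '{print $2}'; }

# Append a public key to an authorized_keys file on the remote side.
# Returns 0 if added, 1 if that key is already present, 2 on bad input.
install_pubkey() {
    auth_file=$1
    blob=$(key_blob "$2")
    [ -n "$blob" ] || return 2
    mkdir -p "$(dirname "$auth_file")"
    chmod 700 "$(dirname "$auth_file")"   # conventional modes for ~/.ssh
    touch "$auth_file"
    chmod 600 "$auth_file"
    if grep -qF -- "$blob" "$auth_file"; then return 1; fi
    # Guard against a last line that has no trailing newline.
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        echo >> "$auth_file"
    fi
    printf '%s\n' "$2" >> "$auth_file"
}

# After cutover: drop the old key, leaving every other line untouched.
remove_pubkey() {
    auth_file=$1
    blob=$(key_blob "$2")
    [ -n "$blob" ] || return 2
    tmp=$(mktemp "$auth_file.XXXXXX") || return 2
    grep -vF -- "$blob" "$auth_file" > "$tmp" || true   # empty result is fine
    chmod 600 "$tmp"
    mv "$tmp" "$auth_file"
}

# Build the client command for one specific private key. IdentitiesOnly=yes
# stops ssh from also offering agent or default keys alongside this one.
sftp_cmd() {
    printf 'sftp -o IdentitiesOnly=yes -o IdentityFile=%s %s\n' "$1" "$2"
}
```

Run `install_pubkey` and `remove_pubkey` on the remote server against the user's authorized_keys file, and run the command printed by `sftp_cmd` from each cluster node.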