Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

By "you just use multiple", you mean I would have to generate extra private keys, add them to authorized_keys, and store them somewhere other than my mac, right?

Because just by using multiple keys I would still be locked out if all of them were stored in this 'Secretive' app.



If you only have a single SSH key as the only method of authenticating somewhere, you already have a dangerous single point of failure.


Not if you have multiple copies of the private key. But yes, there are advantages to having any given key only exist in one place.


If you are making multiple copies of a private key in different places, why wouldn't you just keep a different private key in each of those places along with its corresponding public key though?

That way, you can remove trust from just one of them if you (e.g.) have your computer stolen.


Well, not exactly, I use multiple physical keys. Yubikeys and OpenPGP smartcards in my case. I use multiple different types too (the OpenPGP cards are quite cheap too).




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: