Hacker News new | comments | show | ask | jobs | submit login

I would not suggest that it's okay even for a private repo. Never let your private keys leave your machine or its dedicated, encrypted backup.

Although I would never do this myself, if the keys themselves are encrypted with a password and then uploaded, it's not nearly as bad.


In the case of ssh keys, you usually should use a different key per device/home directory and let your server accept all the keys.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact