Adding an RSA key without overwriting [closed]

I want to generate a set of keys for a home server that I would like to SSH into, so I do ssh-keygen -t rsa, but then I get a message: id_rsa already exists. Overwrite (y/n)?

Well, I don't want to overwrite because the keys I have now I use to SSH into my university's servers, and it would be a pain to have to do all that junk again every time I wanted to switch. Is there an easy way to append the keys?

I tried following a tutorial (which I cannot find) that suggested something about using the cat command, but I am pretty lost. It seems like the solution is something very simple that I'm just not seeing.

itsmichaelwang asked Jun 24 '14 17:06




2 Answers

You can achieve this by using a config file in your home directory under the .ssh directory:

  1. Generate your key as usual:

    ssh-keygen -t rsa
    
  2. Don't overwrite the default (usually id_rsa). Instead, create a new name. This will create a separate file with your key.

  3. In ~/.ssh create a config file with the following content:

    # Use * for all hosts, or name a specific host instead
    Host *
      AddKeysToAgent yes
      # UseKeychain is specific to macOS
      UseKeychain yes
      # Path to the key you generated, e.g. ~/.ssh/yourKey
      IdentityFile ~/.ssh/yourKey
    
  4. The key is now added to the keychain and can be used!

--

You can use multiple IdentityFiles in your config (Mac example):

    Host *
      AddKeysToAgent yes
      UseKeychain yes
      IdentityFile ~/.ssh/id_rsa_private_server
      IdentityFile ~/.ssh/id_rsa_github
      IdentityFile ~/.ssh/id_rsa_work_server

GreensterRox answered Oct 01 '22 02:10
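The approach from the answer above, generating the new key under its own file name and pointing ssh at it through ~/.ssh/config, as an added shell example that is not part of the original post. It goes one step further and binds the key to a single host with IdentitiesOnly, so the other keys are not offered to that server; the file name id_rsa_home, the alias homeserver and the host home.example.org are assumed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: key file id_rsa_home,
# alias "homeserver", host home.example.org.

# Create an RSA key pair at path $1 with comment $2. Refuses to run if either
# file exists, so the existing id_rsa can never be overwritten by accident.
new_key() {
    key=$1
    if [ -e "$key" ] || [ -e "$key.pub" ]; then
        echo "refusing to overwrite existing key: $key" >&2
        return 1
    fi
    ssh-keygen -t rsa -b 4096 -f "$key" -C "$2"
}

# Append a Host stanza to ssh config $1 binding alias $2 (real host $3) to
# key $4. Does nothing if the alias is already defined, so reruns are safe.
add_host() {
    cfg=$1 host_alias=$2 hostname=$3 key=$4
    mkdir -p "$(dirname "$cfg")"
    touch "$cfg" && chmod 600 "$cfg"
    if awk -v a="$host_alias" '
        tolower($1) == "host" { for (i = 2; i <= NF; i++) if ($i == a) found = 1 }
        END { exit !found }' "$cfg"; then
        return 0
    fi
    # IdentitiesOnly stops ssh from also offering every agent/default key.
    printf '\nHost %s\n  HostName %s\n  IdentityFile %s\n  IdentitiesOnly yes\n' \
        "$host_alias" "$hostname" "$key" >> "$cfg"
}

# Usage:
#   new_key ~/.ssh/id_rsa_home "home server" &&
#   add_host ~/.ssh/config homeserver home.example.org ~/.ssh/id_rsa_home
#   ssh homeserver
```

The public half (~/.ssh/id_rsa_home.pub in the usage lines) still has to be added to the server's authorized_keys before `ssh homeserver` will authenticate with it.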


You can use the same public key on both servers. If you don’t want to do that, just specify a different location than ~/.ssh/id_rsa when ssh-keygen prompts you before that, and use it with an agent:

    % ssh-agent sh  # Replace with your favourite shell.
    $ ssh-add ~/.ssh/id_rsa_2
    $ ssh somewhere
    $ exit
    %

ssh-agent can also be used without starting a new shell as eval $(ssh-agent).

Ry- answered Oct 01 '22 01:10