
Best practices for personal private keys

I'm just starting to use RSA keys in my daily work, and I have a few questions regarding the best ways to use them.

The biggest question revolves around the idea of multiple clients and multiple servers. Here's a scenario:

I have two client computers:

  1. Desktop
  2. Laptop

And there are two servers to which I will be authenticating:

  1. My own local server
  2. Remote service (e.g. Github)

So, generally, how many key-pairs would you recommend in this situation?

  • One key-pair: This key is "Me" and I use it everywhere.
  • One per client: This key is "This client" and I put it on each server I mean to connect to from that client.
  • One key-pair per server: This is the key "for this service", and I bring the private key to each client I want to connect to it from.
  • One for every combination: Every unique client-server pairing has its own key-pair.

If none of these is significantly better or worse than any other, can you outline the pros and cons of each so that a person could choose for themselves?

Ipsquiggle asked Jun 04 '12 22:06


2 Answers

Of your four options, the two I like are:

  • One per client: This key is "This client" and I put it on each server I mean to connect to from that client.

    This gives you the easy ability to revoke all keys for a specific client in the event it is compromised -- delete the one key on every service. It also only scales linearly in the number of clients, which will probably make key management easier. It even fits neatly with the OpenSSH key model, which is to give every client one key that is used on multiple servers. (You can do other models with OpenSSH, which is nice. But this is the easiest thing to do as it happens without any effort on your part.)

  • One for every combination: Every unique client-server pairing has its own key-pair.

    This has the downside of forcing you to revoke multiple keys when a single client is compromised, but it'll be one key per service anyway, so it isn't significantly worse. The better upside is that it'll be significantly harder for one service to serve as a middleman between you and another service. This is not a real concern most of the time, but if your (Laptop,Server,SMTP) key were suddenly being used for (Laptop,Server,SSH), you'd have some opportunity to notice the oddity. I'm not sure this ability is worth the quadratic increase in keys to manage.

sarnold answered Sep 28 '22 22:09


The usual way to do this is your "One per client" option. That way, in case of a compromised client key, you can revoke just that key from the servers where it is allowed. If you want extra work, you can do "One for every combination".

The above options avoid copying private key data between hosts.

Greg Hewgill answered Sep 28 '22 22:09
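Both answers rely on revoking a compromised client by deleting its public key from every server it was installed on. The following is an added example, not code from either answer: it removes one client's key from an `authorized_keys` file by SHA256 fingerprint rather than by the editable comment field, and would be run once per server. The function names, the `me@desktop` / `me@laptop` comments and the key blobs are constructed for illustration.

```python
import base64, hashlib, struct

def parse_entry(line):
    """Return (blob, comment) for an authorized_keys line, or None if it holds no key."""
    if line.lstrip().startswith("#"):
        return None
    fields = line.split()
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        # A real blob starts with its length-prefixed type name, unlike option text.
        name = fields[i].encode()
        if blob[:4] == struct.pack(">I", len(name)) and blob[4:4 + len(name)] == name:
            return blob, " ".join(fields[i + 2:])
    return None

def fingerprint(blob):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def revoke(authorized_keys, compromised_fp):
    """Drop entries whose key matches compromised_fp; return (new_text, removed)."""
    kept, removed = [], 0
    for line in authorized_keys.splitlines():
        entry = parse_entry(line)
        if entry and fingerprint(entry[0]) == compromised_fp:
            removed += 1
        else:
            kept.append(line)
    return "\n".join(kept) + "\n", removed

def fake_key(fill):
    """Constructed ssh-ed25519-shaped blob for this demo; not a usable key."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes([fill]) * 32
    return blob, base64.b64encode(blob).decode()

(DESKTOP_BLOB, DESKTOP_B64), (LAPTOP_BLOB, LAPTOP_B64) = fake_key(0x11), fake_key(0x22)
# Constructed authorized_keys for one server under the "one per client" model.
SERVER_FILE = (
    "# my clients\n"
    f"ssh-ed25519 {DESKTOP_B64} me@desktop\n"
    f'from="192.0.2.*",command="ssh-add -l" ssh-ed25519 {LAPTOP_B64} me@laptop\n'
)

if __name__ == "__main__":
    print(*revoke(SERVER_FILE, fingerprint(LAPTOP_BLOB)), sep="\n")
```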