On 07/11/2016 12:27 PM, Go Canes wrote:
Each user on each system needs to have a private ssh key, and a
public
ssh key.
No, they don't. Private keys belong on your closest system, on an
encrypted volume. Often, you will only need one.
For maximum convenience (which equals less security), you can copy
the
public *and* private key for one system to all of the other systems.
Be careful that the modes on the private keys are set correctly. And,
as has already been pointed out, be aware that with this set-up, if
someone breaks into one of the accounts, they have access to all of
them with no further effort.
And that is why your keys should remain only on your workstation, and
ssh agent forwarding should be used selectively to connect from system
to system, which has been discussed fairly extensively in this thread.