- Newest
- Most votes
- Most comments
Hello Venkata,
In terms of security best practices, sharing a Private Key is not recommended. As the name suggests, the Private Key should be kept private to the user who generated them and not shared with anyone.
Concerning SSH Key authentication, the server holds the Public Key whereas the client holds the Private Key. Authentication succeeds when the client uses the Private key which is compared against its corresponding Public Key on the server. This is why in the first case, authentication succeeded when you shared the Private Key with your vendor. When you share the Public Key with your vendor, the authentication process will fail as you cannot use a Public Key against a Public Key. Therefore the behavior that you observed when you shared the Public Key is expected.
To your questions specifically:
Q: Should we send them the public key or private key?
A: If your vendor is going to connect to your server, the vendor should have the Private Key while you/server should have the Public Key.
Q: Is it safe to send them the private key?
A: It depends on how you share the Private Key, however it is not recommended and not a best practice approach as there is always a chance of security breach during sharing confidential keys.
Q: Also, if he has key pair generated, is it okay if I have his public key attached to the account?
A: Yes, there are no issues in having a corresponding Public Key. As the name implies, they are public information.
With that said, the best approach would be to have your vendor create the SSH Keys and share the Public Key with you. You can then add the Public Key to your server and the authentication should succeed when they use the corresponding Private Key.
Let me know if you have questions.
Regards,
Sagar
Relevant content
- asked 3 years ago
- Accepted Answerasked 2 years ago
- asked 6 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago