Comment by icedrift
5 hours ago
There's nothing dangerous about SSHing into an untrusted server unless you're using the same keys for everything.
5 hours ago
There's nothing dangerous about SSHing into an untrusted server unless you're using the same keys for everything.
Remote resources only get your public key. It’s meant to be shared! Hence the word “public.”
The threat is having a private key stolen, in which case, having multiple keys can mitigate the amount of damage a threat actor can do. However, to steal your private key would involve a successful attack against your client, not against any server you might have given the public key to.