How do I backup ssh keys?

I am planning to do a fresh install of ubuntu 11.10 in my system. Before that i have setuped key based ssh authentication in this machine. Is it possible to take backup of those ssh keys, so that i can use that in my new installation. Or else i must setup keybased ssh authentication again? If i can take backup, what are the files i need to copy? Can someone explain it in detail pls. Thanks in advance.

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Responding to SSH only… yes, you can keep your keys.

I can’t think of any topic on which to expound about that, though. It is straight forward: if your username is karthick, then the keys are located in a hidden directory here:




The file contains the public key used to authenticate. But there are other files to keep – all of them, really, such as known_hosts for example. The MOST IMPORTANT is id_rsa (note the lack of .pub) as this is your private key. Back up each user. For example, if you set up SSH for root, get /root/.ssh as well. And so on for as many accounts as you have for this reason.

Solution 2

Cryptographic keys which you may want to backup.

  • ~/.gnupg/*
  • ~/.pki/nssdb/*
  • ~/.gnome2/keyrings/*
  • ~/.ssh/*
  • /usr/local/apache2/conf/ssl.crt/server.crt
  • /usr/local/apache2/conf/ssl.key/server.key
  • /etc/ssh/*
  • /etc/ssl/private/*
  • /etc/cups/ssl/*

Solution 3

Each user has a directoy ~/.ssh, which typically contains the following files:

1) id_dsa             private key of this user (different filename for rsa keys)
1)         public key of this user
2) authorized_keys    public key of other users (or same user on other machines)
   config             personal configuration
   known_hosts        host keys of other machines

Additionally, in /etc/ssh/, you will find:

3) ssh_host_dsa_key
3) ssh_host_rsa_key

Those are the host keys, keys identifying this computer.

You certainly want to backup all private and public keys. We call the machine in question home and the user [email protected] Same person has an account [email protected] and uses key-based login in both directions. What would happen if you loose any of the key files:

  1. You loose the identity of [email protected] ssh [email protected] from home will no longer work with key based auth.
  2. [email protected] loose the right to login to home with his key. ssh [email protected] will no longer work from remote with key based auth.
  3. You loose the identity of the host. [email protected] will see a warning that host keys have changed when trying ssh [email protected]. Depending on the configuration this will prevent him from logging in.

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply