This is not an actual programming question, but please listen to me. I am creating a deployment tool. With my application, other users can deploy their own applications on their own servers (just like forge.laravel.com).
The following are the use cases for this particular question:
- I need to store every public SSH key of my user because I need to put this key in each of the servers provided, so that users without manual permissions can log in to their servers via SSH.
- Also, I need to authorize the SSH key of my applications (i.e. the public key of my server) on the customer's server so that I can execute commands on my user's server on its behalf.
- I need to generate a new key on the newly deployed customer server and authorize it in the client's GitHub / GitLab so I do not have to enter a username or password when pushing / pulling from the server.
Let's come to the question of where and how to keep these keys (safe). Can I save them to a specific directory on my server? This makes me think that my server can be a big target for hackers, because if it is hacked, it will open doors to a lot of servers.
What steps can I take to make this setup safer?
Considering Application Case 2, does it make a difference if I generate separate keys for separate customers?