Until now, we’ve assumed you have a single SSH identity that uniquely identifies you to an SSH server. You do have a default identity—our earlier ssh-add examples operated on it—but you may create as many other identities as you like.
Why use several identities? After all, with a single SSH identity, you can connect to remote machines with a single passphrase. That’s very simple and convenient. In fact, most people can survive perfectly well with just one identity. Multiple identities have important uses, however:
If you use different SSH keys for different remote accounts, and one of your keys is cracked, only some of your remote accounts are vulnerable.
Using an SSH key with an empty passphrase, you can create secure, automated processes between interacting computers, such as unattended backups. [220.127.116.11] However, you definitely don’t want your regular logins to use an unencrypted private key, so you should create a second key for this purpose.
You can configure your remote account to respond differently based on which key is used for connecting. For example, you can make your Unix login session run different startup files depending on which key is used.
Your remote account can be set up to run specific programs when an alternative key is used, via forced commands. [8.2.3]
In order to use multiple identities, you need to know how to switch between them. There are two ways: ...