New or old Git public key

Question

New to Git. I already have git installed from another company I worked at. If I already have git installed and have a public do I need to generate a new public key if I'm working in another company. Or does the public key just represent your machine. Not sure I understand what exactly the public key is about.

Answer 1

If the private key was stored on a machine at your previous company then you should definitely change it. That key is you as far as bit streams and access protocols are concerned. It should be private to you.

If your git hub repos aren't that important (are they public anyway, & do you have local copies?) then you won't care half as much.

Just because you have nothing to hide doesn't mean you have nothing to protect ;-)

Answer 2

Your SSH keypair represents your identity, identified by either an email address (convenient) or a username@machine pair (inconvenient). You should generate new keys if you have a new corporate email address; technically(*), you can decide whether or not to link it with your GitHub profile, which supports several keys per user.

(*) I'm not a lawyer, this is not legal advice, and I'm not sure whether you're allowed to have multiple GitHub accounts. Check their terms of use.

Answer 3

A keypair is essentially just a password, albeit a more secure one (if you put a passphrase on it). You do not need more than one key, ever. If you wish to have more than one key, or to stop using an old one, that's entirely your choice.