I have a remote server that I want to allow SSH access to but only to certain people, and I don't trust passwords, so keys are the way to go.

However, all I know about setting up keys is based on the user creating a public/private key pair, and the server adding that user's public key to it's trusted keys to allow access.

Ideally what I want to do is the other way around, in that I want to generate the key pairs on the server and copy the relevant key to the clients so that they all share the same key (there won't be many users and I just want to give them a key rather than have them create keys themselves).

What is the "correct" way to do this, or am I doing something horribly wrong? I figure that I can set up the key pair myself as usual, but then copy the private key from my PC to anyone else who needs access, but I'm not sure if that's the right approach.

(I'm quite OK with the idea of creating different keys for different users, adding them to the server, then issuing the keys to the users, so I can revoke access from any given user quite easily if I need to; I just don't want the users having to do the key creation bit.)

If it's relevant, most of the users other than me will be connecting via Windows (PuTTY), and will need to be able to tunnel through the SSH connection for various apps.

--
Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450
Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG