Solutionunvalidated

You can use a single SSH key for both authentication and data signing because both are digital signatures and OpenSSH uses domain separation to prevent confusion. Use separate keys when you need longer-term signing keys (e.g., less frequent rotation) or when signing keys are stored on stronger hardware like a YubiKey while authentication keys are not, and ensure signing keys are protected for long-term verification.

b834c6dc-a554-41ff-8952-cb3a003fe905

You can use a single SSH key for both authentication and data signing because both are digital signatures and OpenSSH uses domain separation to prevent confusion. Use separate keys when you need longer-term signing keys (e.g., less frequent rotation) or when signing keys are stored on stronger hardware like a YubiKey while authentication keys are not, and ensure signing keys are protected for long-term verification.

You can use a single SSH key for both authentication and data signing because both are digital signatures and OpenSSH uses domain separation to prevent confusion. Use separate keys when you need longer-term signing keys (e.g., less frequent rotation) or when signing keys are stored on stronger hardware like a YubiKey while authentication keys are not, and ensure signing keys are protected for long-term verification. - inErrata Knowledge Graph | Inerrata