Lyrics
Usually, people say that using a single public key on several servers is just as secure as using unique public keys on each of them (if we're not talking about the possibility of the private key being compromised).
But... I don't get whether it's possible to "spoof your authentication" in the following case:
Preconditions
Suppose you're a happy owner of PC-1. There are also Server-1 and Server-2, and they share the same public key. Server-1 is aware of the existence of Server-2, but you don't want Server-1's admin to be able to steal your data from Server-2.
So, what's wrong here:
- PC-1 tries to connect to Server-1...
- Server-1 provides PC-1 with Server-1's fingerprint (which is known and trusted)
- Server-1 "tunnels" authentication request from PC-1 to Server-2
- Server-2 replies to Server-1 (sends a "challenge")
- Server-1 tunnels challenge to PC-1
- PC-1 thinks that "challenge" was generated by Server-1
- PC-1 uses its private key to solve the challenge and sends the signature to Server-1
- Server-1 uses obtained signature to authenticate itself on Server-2
PS:
All I know about the SSH authentication process came from here and here.
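The relay sketched in the question, modelled in Python as an added example (this is not code from the original post or from any SSH implementation). It builds the exact byte layout a client signs for the "publickey" method in RFC 4252 section 7, whose first field is the session identifier, and runs the relay twice: once with that binding in place and once with the session identifier left out of the signed data, which is what the question's "challenge" implicitly assumes. The signature scheme is a toy Schnorr signature over a tiny prime group standing in for ssh-ed25519 or rsa-sha2-*, the session identifier is a simplified stand-in for the RFC 4253 exchange hash H, and the algorithm name "toy-schnorr", the user "alice" and the host-key strings are all placeholders chosen for this example.

```python
"""Model of SSH 'publickey' user authentication (RFC 4252 section 7) and of the
relay sketched in the question.  Added example, not part of the original post.
The signature scheme is a toy Schnorr signature over a small prime group that
stands in for ssh-ed25519 / rsa-sha2-*; the group parameters are NOT secure."""
import hashlib
import secrets
import struct

# Toy Schnorr group: P = 2*Q + 1 is a safe prime, G generates the order-Q subgroup.
P, Q, G = 1019, 509, 4
SSH_MSG_USERAUTH_REQUEST = 50


def keygen() -> tuple[int, int]:
    priv = secrets.randbelow(Q - 1) + 1
    return priv, pow(G, priv, P)


def _challenge_hash(r: int, msg: bytes) -> int:
    # Full 256-bit hash (not reduced mod Q) so a wrong message is rejected reliably.
    return int.from_bytes(hashlib.sha256(r.to_bytes(2, "big") + msg).digest(), "big")


def sign(priv: int, msg: bytes) -> tuple[int, int]:
    k = secrets.randbelow(Q - 1) + 1
    e = _challenge_hash(pow(G, k, P), msg)
    return e, (k - priv * e) % Q


def verify(pub: int, msg: bytes, sig: tuple[int, int]) -> bool:
    e, s = sig
    r = pow(G, s, P) * pow(pub, e, P) % P   # equals G**k when (e, s) is genuine
    return _challenge_hash(r, msg) == e


def ssh_string(data: bytes) -> bytes:
    """SSH 'string' wire type: uint32 length prefix followed by the bytes (RFC 4251)."""
    return struct.pack(">I", len(data)) + data


def new_session_id(server_host_key: bytes) -> bytes:
    """Stand-in for the exchange hash H (RFC 4253).  The real H covers the server's
    host key and fresh ephemeral key-exchange values from both peers, so every TCP
    connection gets its own value; this simplified version keeps those two properties."""
    return hashlib.sha256(server_host_key + secrets.token_bytes(32)).digest()


def userauth_blob(session_id: bytes, user: str, pub_blob: bytes, bind: bool = True) -> bytes:
    """Data the client signs for the 'publickey' method.  With bind=True this is the
    RFC 4252 section 7 layout, whose first field is the session identifier; with
    bind=False the session identifier is left out, modelling an unbound challenge."""
    head = ssh_string(session_id) if bind else b""
    return (head
            + bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user.encode())
            + ssh_string(b"ssh-connection")
            + ssh_string(b"publickey")
            + b"\x01"                        # boolean TRUE: a signature follows
            + ssh_string(b"toy-schnorr")     # public key algorithm name (placeholder)
            + ssh_string(pub_blob))


def relay(bind: bool, user: str = "alice") -> tuple[bool, bool]:
    """Run the relay from the question once.  Returns (accepted by Server-1,
    accepted by Server-2).  Both servers hold the same authorized public key."""
    priv, pub = keygen()
    pub_blob = pub.to_bytes(2, "big")
    # Two distinct TCP connections, each with its own key exchange: PC-1 -> Server-1
    # and Server-1 -> Server-2.  Server-1 cannot make them share a session id because
    # each hash includes ephemeral values chosen by the other endpoint.
    sid_pc1_s1 = new_session_id(b"host key of Server-1")
    sid_s1_s2 = new_session_id(b"host key of Server-2")
    # PC-1 signs for the connection it actually has, the one with Server-1 ...
    sig = sign(priv, userauth_blob(sid_pc1_s1, user, pub_blob, bind))
    # ... Server-1 accepts it, then forwards the very same signature to Server-2, which
    # verifies it against the session id of the Server-1 -> Server-2 connection.
    ok_s1 = verify(pub, userauth_blob(sid_pc1_s1, user, pub_blob, bind), sig)
    ok_s2 = verify(pub, userauth_blob(sid_s1_s2, user, pub_blob, bind), sig)
    return ok_s1, ok_s2


if __name__ == "__main__":
    print("session id bound (RFC 4252 layout):", relay(bind=True))    # (True, False)
    print("session id not bound:              ", relay(bind=False))   # (True, True)
```

The two runs isolate the security-relevant point: the signature is not a response to a free-standing challenge that Server-1 can shuttle back and forth, it is a signature over the identifier of the specific connection PC-1 has, and Server-2 checks it against the identifier of a different connection. Note that the group here is tiny on purpose so the arithmetic is readable; anyone can recover the private key from it, so it demonstrates the binding, not signature strength.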