I have dotfiles saved in a public github repo, which include the path to my aws keys, which seems like a terrible thing waiting to happen.
So it's like this:
function superssh { ssh user@something -i /file/path/to/keys;} What's a better way of doing this that improves my security?
Hiding your key in an unusual place is not making it any safer. If you undertake basic good practice for key management there's really no need to do anything extra.
Your private key needs to be kept 'secret', this primarily achieved by encrypting it. You should use a strong passphrase to encrypt your key. On your system(s) openssh enforces additional restrictions in that it will not use a private key that is accessible by anyone other than it's owner.
Your public key is just that, public, you can give it to anyone.
If someone has enough access to your box to harvest your keys, it's game over anyway. Don't worry about it.
If you want to do it this way, then you could use environment variables:
export KEY_FOO=/path/to/key/foo.pem export KEY_BAR=/path/to/key/bar.pem Put those exports in your .bash_profile or .bashrc or whatever bash init config you have. Then you can do something like this in other dot files.
function superssh { ssh user@something -i $KEY_FOO; } 