...
Device compromise:
A device upon which you store your ssh key files has been compromised, due to malware, malicious actors gaining access to log in as you on your device, or malicious actors gaining access to data stored on your device.
Data compromise:
Your key files were copied or accessed by someone other than yourself
You backed up your key files to a location outside your device that was subject to a compromise
Following good security practices:
It is recommended that ssh keys be rotated as part of a remediation process to ensure any keys that may have been compromised since their initial generation cease to be usable. ARCC recommends rotating your keys every 6 months (similar to requiring password changes at regular intervals).
...
Click the download button. This will download your new key files to the local device from you’re currently accessing OnDemand.
...
Replacing SSH Keys on your Device
Before configuring your new ssh keys on your devices (usually this is your main workstation or laptop) you must remove your old keys.
As always, ARCC recommends only setting up SSH authentication keys on devices you have sole access to, and not on shared devices. If you do set up an ssh key for authentication on a shared device, only do so on computers where individuals log into separate, individual profiles on the computer. If you’re not sure how to determine this, contact arcc-help@uwyo.edu
Expand the section associated with your specific device OS and follow directions to remove your old SSH keys before replacing them with your new keys.
...