I'm worried if I use my personal github for work that it could cause my employer (FAANG) to have access to all of my personal things. This could involve open source work as well as private work repos.<p>Is it possible to insulate myself from this risk by:<p>- only using my work laptop for work things<p>- work-only ssh & gpg keys that are only accessed on my work laptop<p>Or is the only hope to create a separate Github accounts?
The general consensus whenever this is asked is: use work resources for work, and personal resources for personal.<p>In other words, don't cross the streams.
You're asking about a technology solution to a legal problem. Depending on the agreement between you and your employer, even a separate account may not be sufficient.<p>Understand that first, then determine how to best implement it.
Best to have a separation of church and state (so to speak). Use your work devices for work, and your personal devices for personal things. It might sound a bit cumbersome, but it can prevent potential problems.<p>A few years ago, a colleague accidentally pushed a bunch of AWS keys (or something like that) to his person GitHub account when he should have pushed it to his company one. His personal account was public, someone found the keys, and started spinning up AWS instances by the dozen using those keys.