This page has been optimized for printing

Generating a SSH Key (Linux/Mac)

This document will help you to create your personal SSH key on your Linux or Mac-based operating system, this process is very easy and requires no additional software on your computer.

In a terminal type the following:

ssh-keygen -b 2048

This will then provide the following output:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 

You may either just press enter or specify a path to save the file, the default location is usually best however as SSH will look here for the key automatically when you are connecting to servers.

Next it will ask you for a passphrase:

Enter passphrase (empty for no passphrase):

The passphrase is used to encrypt the key on your hard disk, you will need to enter it each time you want to use your key. Note that you will not see any characters typed as you type your passphrase, this is to prevent a shoulder surfer from seeing how long your password is. This step is optional and you may just press enter, however, we do not recommend this as it leaves your key vulnerable to anyone that gains unauthorized access to your computer.

It will then prompt for the confirmation of your passphrase:

Enter same passphrase again: 

Enter the password again, or if you selected not to use one just press enter.

Depending on your operating system the following output may vary from system to system, in my case (Debian 9) the following was presented:

Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Nh2VLAUfdeFA0eEf4/DqBsZOAbDFTTxT70uQrYL2G/E user@aeryn
The key's randomart image is:
+---[RSA 2048]----+
|       .o.==*B+o+|
|        oo.Bo.Bo |
|       .  o.++ B |
|         ..o  B +|
|        Sooo.. =.|
|       ....=+ o .|
|          +o.E . |
|           .+.   |
|           ...   |
+----[SHA256]-----+

You are now done, you have an ssh key pair ready for use. Your private key will be located where you opted to save it. We recommend that you backup this key onto encrypted media as just like your physical keys if you lose it, you lose access to your property.

Your public key (the key you can share safely) is in the file ending with `.pub`, in the above example this is `/home/user/.ssh/id_rsa.pub`. When asked for your public key you will need to either provide this file, or the contents of it.

To obtain the contents of the file either open it in a text editor or in your terminal type:

cat /home/user/.ssh/id_rsa.pub

Adjusting the path to suit, this will output something like the following:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc16ASnyL8UmJJ90vc+HyUL3IL9nbgmwdohElkvgjMfMA8qswz9iZlvGdrjZi0vU/1MIaXQ56MKBYvI+mD13WSpaxZzCQxSuHz5qtLsSEbrXYbnZXI2Z79PZJdgsqP23OBsUdJiNcR7JDLP1jM43WwsNFzBmOCVLYWfUGTgSaE9e5jf9eBmJ1EZwboHaXx1SK6XsZVu57vNhzapaA1iArOwL75ExN4sXr0RoFhWEF9zRE3pT1/ofpG1rwb8IH30zfESQK6pIKEnad3JeILqVrzq7L5/VTaRmdCX7COoyITAb+GNRarp3+VpsV/p/Y/1BSji+SxG8rVSTs/OyKcy/XZ user@aeryn

This entire line is your public key and is required when granting you access to a remote system.


More Information