This page has been optimized for printing

Generating a SSH Key (Linux/Mac)

This document provides instructions for creating your personal SSH key on a Linux or Mac-based operating system. The process is straightforward and does not require additional software on your computer.

In a terminal, type the following command:

ssh-keygen -b 2048

This will generate the following output:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):

You can either press Enter to accept the default location or specify a different path to save the file. The default location is usually the most convenient, as SSH will automatically look for the key there when connecting to servers.

Next, it will prompt you for a passphrase:

Enter passphrase (empty for no passphrase):

The passphrase is used to encrypt the key on your hard disk. You'll need to enter it each time you want to use your key. Note that as you type your passphrase, no characters will be displayed to prevent shoulder surfers from seeing its length. This step is optional, but we highly recommend using a passphrase to enhance security. Press Enter if you don't want to set a passphrase.

It will then ask you to confirm the passphrase:

Enter same passphrase again:

Re-enter your passphrase or press Enter if you didn't set one.

The following output may vary depending on your operating system. In this example (Debian 9), the output was as follows:

Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/
The key fingerprint is:
SHA256:Nh2VLAUfdeFA0eEf4/DqBsZOAbDFTTxT70uQrYL2G/E user@aeryn
The key's randomart image is:
+---[RSA 2048]----+
|       .o.==*B+o+|
|        oo.Bo.Bo |
|       .  o.++ B |
|         ..o  B +|
|        Sooo.. =.|
|       ....=+ o .|
|          +o.E . |
|           .+.   |
|           ...   |

Now you're done! You have an SSH key pair ready for use. Your private key will be located where you chose to save it. We recommend backing up this key to encrypted media because losing it means losing access to your server.

Your public key (the key you can safely share) is in the file ending with `.pub`. In the example above, the file is `/home/user/.ssh/`. When asked for your public key, you can provide either the file or its contents.

To view the contents of the file, open it in a text editor or type the following command in your terminal:

cat /home/user/.ssh/

Adjust the path as needed. This will display something like the following:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc16ASnyL8UmJJ90vc+HyUL3IL9nbgmwdohElkvgjMfMA8qswz9iZlvGdrjZi0vU/1MIaXQ56MKBYvI+mD13WSpaxZzCQxSuHz5qtLsSEbrXYbnZXI2Z79PZJdgsqP23OBsUdJiNcR7JDLP1jM43WwsNFzBmOCVLYWfUGTgSaE9e5jf9eBmJ1EZwboHaXx1SK6XsZVu57vNhzapaA1iArOwL75ExN4sXr0RoFhWEF9zRE3pT1/ofpG1rwb8IH30zfESQK6pIKEnad3JeILqVrzq7L5/VTaRmdCX7COoyITAb+GNRarp3+VpsV/p/Y/1BSji+SxG8rVSTs/OyKcy/XZ user@aeryn

The entire line represents your public key, which is required when granting you access to a remote system.

More Information