Good content takes time and effort to come up with.
Please consider supporting us by just disabling your AD BLOCKER and reloading this page again.
Generate SSH Key with ssh-keygen In Linux / Unix
18th April 2020
4 mins read
Share On
When you need to securely connect from your computer to server without any passwords then one of the best solution which exists for longer time is SSH. This works with SSH public and private key exchange between your computer and server.
With great power comes great responsibility. What I meant over here is, if you loose public and private keys then you will be permanently locked out from accessing your server.
Step 1 - Check If SSH Key Already Exists
Open terminal and run the following command, if already SSH keys exists then it will list the key pairs (id_rsa, id_rsa.pub)
ls -la ~/.ssh
Step 2 - Generate New SSH Key
To generate new public and private key pair run the following command. Make sure you don't share id_rsa key with anyone and remember to keep it safe.
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
-t - Type of the key you want to generate RSA, DSA. But RSA is very secure so better stick with it.
-b - Number of bits then key needs to be generated. The higher the bits the more its secure. Keep 4096 bits its very secure one.
-C - comments
When you add the above command you will get the following confirmation
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):
Make sure to cross verify the path and be-careful with the following points:
- If your already having
id_rsafile then it will overwrite that if you proceed and you wont be able to get back the older keys. - Good thing is you can rename with the alternate name
Since I already have id_rsa key I will rename it to id_rsa_testing. Like the following:
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Now it will ask you to enter passphrase and confirm the passphrase. If you want you can leave it empty. Its like one level security added before proceeding.
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
After confirm the passphrase then it will generate random art image. So the following is the complete process in one glance
ssh-keygen -t rsa -b 4096 -C "your_email@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/channaveer/.ssh/id_rsa):id_rsa_testing
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa_testing.
Your public key has been saved in id_rsa_testing.pub.
The key fingerprint is:
SHA256:sqWiJ1O0KQuj4LfzTlXHjFNjgsxVXx4pe7oeg0Vd1dw your_email@example.com
The key's randomart image is:
+---[RSA 4096]----+
| o oo.= +B|
| + B o.+.E|
| + + ooo |
| . . o .. . |
| . o..S .o |
|+ . + .= o. |
|+o +..o . o. |
|..++o. .o |
| o==o .. |
+----[SHA256]-----+
This creates id_rsa_testing & id_rsa_testing.pub key in ~/.ssh path.
Step 3 - Add SSH Key To ssh-agent
To add SSH key to ssh-agent use the following command
eval "$(ssh-agent -s)"
You get the following output as:
Agent pid 27796
Now its time to add SSH private key to ssh-agent with the following. If you had generated for the 1st time then replace id_rsa_testing with id_rsa. If you have given any other name in the place of id_rsa_testing then replace in the following:
ssh-add ~/.ssh/id_rsa_testing
Now sit back and relax. You have successfully added one level of security. Instead of password logins you can successfully login with SSH keys.
Step 4 - Non Mandatory (But good if you follow up)
Your doing good job pals. When your Admin or your Colleagues ask you to share SSH key then share id_rsa_testing.pub or id_rsa.pub. Never ever share id_rsa or id_rsa_testing keys
Now you can add this SSH key to authorize_keys in your cloud server to give access to you or your colleagues.
Conclusion
In this tutorial you learnt who to securely login from your computer to your server. You have done a great job.
WHATS NEXT?
If your working on your laptop and want to manage multiple SSH keys for example your Personal GIT keys, your Company GIT keys, Your side business company GIT keys then refer my article Managing Multiple GIT Key Pairs Or Account In The Same Computer
Articles For You
Getting Started With AMP (Accelerated Mobile Pages)
Website Speed and Performance Optimizations
Google reCAPTCHA Integration In PHP Laravel Forms
Setup MAMP Virtual Hosts For Local PHP Development
Install Linux, Apache, MYSQL, PHP (LAMP Stack) on Ubuntu
Firebase Cloud Messaging (FCM) Browser Web Push Notifications Using Javascript And PHP
Client-Side Form Validation With Javascript
Generate Sitemap in PHP Laravel
Make Laravel Controllers Slim By Skimming Form Validation Request
Proper Way To Validate MIME Type Of Files While Handling File Uploads In PHP
