How To Create SSH Keys

Olasupo Okunaiya edited this page Aug 28, 2024 · 1 revision

Creating a public and private SSH key pair in Ubuntu is a straightforward process. These keys are used for secure access to remote servers. Below is a step-by-step guide:

Step 1: Generate the SSH Key Pair

  1. Open the terminal: You can do this by pressing Ctrl + Alt + T.

  2. Generate the SSH key pair: Run the following command to create a new SSH key pair:

    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

    • -t rsa: Specifies the type of key to create, in this case, RSA.
    • -b 4096: Specifies the number of bits in the key, 4096 is recommended for strong security.
    • -C "your_email@example.com": Adds a comment to the key, typically your email address, to help identify the key.
  3. Specify the file to save the key: After running the command, you'll be prompted to choose where to save the key. By default, the key will be saved in the ~/.ssh/id_rsa file. You can press Enter to accept the default location.

  4. Set a passphrase: You will then be prompted to enter a passphrase for the key. This is optional but recommended for added security. You can leave it empty by pressing Enter if you don't want to use a passphrase.

Step 2: View Your SSH Keys

  1. List the contents of your .ssh directory:

    ls ~/.ssh

    You should see your private key (id_rsa) and public key (id_rsa.pub).

  2. View the public key: If you want to copy your public key to use on a remote server, you can view it with the following command:

    cat ~/.ssh/id_rsa.pub

    This will display your public key, which you can then copy.

Step 3: Add the SSH Key to the SSH Agent (Optional)

If you created a passphrase for your key, you'll want to add your key to the SSH agent to avoid having to enter the passphrase every time.

  1. Start the SSH agent:

    eval "$(ssh-agent -s)"
  2. Add your private key to the SSH agent:

    ssh-add ~/.ssh/id_rsa

Step 4: Copy the Public Key to a Remote Server

To use your SSH key for authenticating with a remote server, you need to add the public key to the server's authorized_keys file.

  1. Copy the public key to the remote server using ssh-copy-id:

    ssh-copy-id username@remote_host

    Replace username with your username on the remote server and remote_host with the server’s IP address or hostname.

  2. Manually copy the public key (if ssh-copy-id is not available):

    • Log in to the remote server.
    • Append your public key to the ~/.ssh/authorized_keys file on the remote server:
      echo "your-public-key-content" >> ~/.ssh/authorized_keys
    • Ensure the permissions on the authorized_keys file are correct:
      chmod 600 ~/.ssh/authorized_keys
      chmod 700 ~/.ssh
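
An audit of the result of the manual copy above, as an added example that is not part of the original page. It checks the modes set in this step (700 on the directory, 600 on authorized_keys and on any private key file) and flags authorized_keys lines that are not public keys, such as the literal placeholder text or pasted private key material. The function names audit_ssh_dir and check_mode are hypothetical, and GNU stat (as shipped with Ubuntu) is assumed.

```shell
#!/bin/sh
# Added example: audit an SSH directory against the modes used in Step 4.
# Assumes GNU stat (Ubuntu); audit_ssh_dir and check_mode are hypothetical names.

# Print a finding when path $1 does not have octal mode $2.
check_mode() {
    actual=$(stat -c '%a' "$1") || return 0
    [ "$actual" = "$2" ] || echo "FINDING: $1 has mode $actual, expected $2"
}

# Audit directory $1 (default ~/.ssh): one line per finding, no output if clean.
audit_ssh_dir() {
    dir=${1:-$HOME/.ssh}
    [ -d "$dir" ] || { echo "FINDING: $dir is not a directory"; return 0; }
    check_mode "$dir" 700

    # Any file that starts with a private-key header must be owner-only.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" | grep -q -- '-----BEGIN .*PRIVATE KEY-----'; then
            check_mode "$f" 600
        fi
    done

    ak="$dir/authorized_keys"
    [ -f "$ak" ] || return 0
    check_mode "$ak" 600

    # Each entry must carry a public key type (options may precede it).
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            ''|'#'*) ;;
            *'PRIVATE KEY'*)
                echo "FINDING: $ak line $n contains private key material" ;;
            *ssh-rsa\ *|*ssh-ed25519\ *|*ecdsa-sha2-*\ *|*sk-*@openssh.com\ *) ;;
            *)
                echo "FINDING: $ak line $n is not a recognised public key" ;;
        esac
    done < "$ak"
}
```

Source the file and run audit_ssh_dir with no argument to check ~/.ssh on the server, or pass another directory to check a different account.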

Step 5: Test the SSH Connection

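Now you can connect to the remote server using SSH without being prompted for the account password. If you set a passphrase and the key is not loaded in the SSH agent, you will be asked for the key's passphrase instead:

    ssh username@remote_host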

This process secures your SSH access to remote servers by using a cryptographic key pair rather than a password.