How to Generate SSH Keys (Linux)
SSH keys are a secure way of logging into your server without needing to use a password. This tutorial will guide you through the process of generating an SSH key using different types of encryption.
Step 1 - Open a terminal
Open your terminal. Most Linux distributions use Ctrl+Alt+T as a shortcut.
Step 2- Generate an SSH key
To generate an SSH key, use the ssh-keygen command. Here are the options you can use:
- -t specifies the type of encryption. There is rsa, dsa, ecdsa, and ed25519.
- -b specifies the number of bits in the key (only for certain key types).
I suggest using ed25519 (newer encryption) or rsa (older). Choose what you think will fit you.
ssh-keygen -t rsa -b 4096 -C "[email protected]"
ssh-keygen -t ed25519 -C "[email protected]"
Step 3 - Follow the prompts
After running one of the above commands, you will be prompted to specify the location to save the key.
Generating public/private ed25519 key pair.Enter file in which to save the key (/home/your_username/.ssh/id_ed25519):
Press Enter to accept the default location, or specify a different path. Next, you will be prompted to enter a passphrase:
Enter passphrase (empty for no passphrase):Enter same passphrase again:
A passphrase adds an extra layer of security. If you choose to set one, you will need to enter it whenever you use the key. Press Enter twice to skip setting a passphrase.
Step 4 - Verify Your keys
Your new SSH keys will be saved in the specified location. By default, the private key will be named id_ed25519 (or according to the encryption type you chose, e.g., id_rsa), and the public key will be named with a
.pub
Example Session
Here's an example session generating an
ed25519
ssh-keygen -t ed25519 -C "[email protected]"Generating public/private ed25519 key pair.Enter file in which to save the key (/home/your_username/.ssh/id_ed25519):Enter passphrase for "/home/your_username/.ssh/id_ed25519" (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /home/your_username/.ssh/id_ed25519Your public key has been saved in /home/your_username/.ssh/id_ed25519.pubThe key fingerprint is:SHA256:<REDACTED> [email protected]The key's random art image is:+--[ED25519 256]--+| E .. o.|| . +. oo.|| o . . . +=|| o . o o=o|| + S o . +|| . + @ = . . || + O @ o . .|| . B * + + || o= o o ... .|+----[SHA256]-----+
Conclusion
You have successfully generated an SSH key. You can now use this key to authenticate with servers that support SSH key-based authentication. Remember to keep your private key secure and never share it with anyone.
If you need help copying this SSH key to a server, I also have a small guide for that here: Generate SSH key (Linux).