Generate SSH Keys

Generating SSH keys is fairly standard Linux task to do. SSH keys allow a more secure method of logging into a remote server, plus you can use them to allow password-less logins for management scripts and the like.

Firstly, run the following command:

ssh-keygen

This will then generate a key for the current user. You’ll see output like the following:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
79:ed:d8:8c:d6:e3:9e:3a:86:d3:b4:75:ba:59:75:92 [email protected]

Note the passphrase option - this can be (and is encouraged to be) different from the system password for the remote user. This allows different users to log into the same remote user using their own passwords and also allows you to use the same password for multiple remote users. You can also make it blank, allowing you to log in without using a password. It’s a security risk, but is normally used for backup and management scripts.

The /home/user/.ssh directory will now contain two files - id_rsa and id_rsa.pub. Don’t share these files with anyone! To install your key for use on a remote server, run the following command:

ssh-copy-id [email protected]

Or, simply copy the contents of id_rsa.pub to the remote user’s .ssh/authorized_keys file. If it doesn’t exist, you can create it but make sure that the file is owned by the user and the permissions are set to 0600.