How To: Generate SSH Key
SSH is such an integral part of everyday Linux/Unix life now, that it makes sense to use it for as many remote access and automation tasks as you can. As you probably know, you shouldn’t be using password SSH authentication unless you have a pretty good reason to do so. By default, always use SSH keys. Today I’ll show you how to generate SSH keys.
Generate SSH key with ssh-keygen
ssh-keygen is a standard utility supplied with SSH package. If you have ssh command on your system, you probably have the ssh-keygen command as well.
Without any command line options, ssh-keygen will ask you a few questions and create the key with default settings:
[greys@rhel8 ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/greys/.ssh/id_rsa): Created directory '/home/greys/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/greys/.ssh/id_rsa. Your public key has been saved in /home/greys/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Seu7UBogeX+g9+iv01CDJqiXAby740JKZGrZtu1T3oQ greys@rhel8 The key's randomart image is: +---[RSA 2048]----+ |. | |.. . | | .+.o ... | | +oo.+oooo | |+.+o.o+.S. | |o*oo ..E . | |=.o o *o= | |oo . +.o.o | |o.. ..+++. | +----[SHA256]-----+ [greys@rhel8 ~]$
Specify SSH key size for ssh-keygen
Most likely you’ll have your preferences for SSH keys and it is much easier to just specify them when running the ssh-keygen command.
This is how one can generate 4096-bit key, for example:
[greys@rhel8 ~]$ ssh-keygen -b 4096 Generating public/private rsa key pair. Enter file in which to save the key (/home/greys/.ssh/id_rsa): /home/greys/.ssh/rsa-4k Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/greys/.ssh/rsa-4k. Your public key has been saved in /home/greys/.ssh/rsa-4k.pub. The key fingerprint is: SHA256:4rf1AGIc99L57/xC1PWu7pJpwhkn5YCmZQqua/XdmGA greys@rhel8 The key's randomart image is: +---[RSA 4096]----+ | | | .| | . .. .o| | .. o=o... . o| | . .=*S ++ . . | | ooEo oo.o . .| | o o.o.=o=.+ . | | o ..+o=o=oo | | ... . o.=*o.| +----[SHA256]-----+