Introduction

Secure Shell (SSH) is a network protocol that uses cryptography to establish a secure connection between a client and a server over an unsecured network. SSH keys are used to authenticate and authorize access to remote servers and services, and they offer a higher level of security than conventional password-based authentication methods. In this post, we will demonstrate how to generate an SSH key.

Check for existing SSH keys

Before generating a new SSH key, you should check if you already have one. To check if you have an existing SSH key, run the following command in your terminal:

ls -al ~/.ssh

If you see a file named id_rsa.pub or id_dsa.pub, then you already have an SSH key pair. The id_rsa.pub file is the public key, and the id_rsa file is the private key. If you don’t have an SSH key pair, then proceed to the next step.

Generate a new SSH key

To generate a new SSH key, run the following command in your terminal:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This command will generate a new SSH key pair using the RSA algorithm with a 4096-bit key size. You can replace “your_email@example.com” with your own email address or any other identifier that you prefer. You will be prompted to enter a file name and a passphrase.

Choose a file name and passphrase

When prompted for a file name, you can accept the default by pressing Enter or specify a custom name. The default file name is id_rsa, which will be stored in the .ssh directory in your home directory.

You will also be prompted to enter a passphrase. A passphrase is a password-like phrase that is used to encrypt your private key. You can leave it blank if you don’t want to use a passphrase, but we recommend using one for added security. Make sure to choose a strong passphrase that is difficult to guess.

Add your SSH key to the ssh-agent

To use your SSH key, you need to add it to the ssh-agent, which is a program that manages SSH keys. To add your key, run the following command:

ssh-add ~/.ssh/id_rsa

This command will add your SSH private key to the ssh-agent. If you used a custom file name for your key, replace id_rsa with your custom file name.

Add your public key to the remote server

To use your SSH key to access a remote server, you need to add your public key to the server’s authorized_keys file. To do this, print the contents of your public key file (id_rsa.pub) in your terminal and copy them:

cat ~/.ssh/id_rsa.pub

Then, log in to the remote server and navigate to the .ssh directory in your home directory. If the directory does not exist, create it with the following command:

mkdir ~/.ssh

Then, create or open the authorized_keys file in a text editor and paste your public key into the file. Save and close the file.

Test your SSH connection

To test your SSH connection, run the following command:

ssh username@remote_host

Replace username with your username on the remote server and remote_host with the hostname or IP address of the remote server. If everything is set up correctly, you should be prompted for your passphrase (if you set one), and then logged in to the remote server.

Congratulations! You have successfully generated an SSH key and added it to your ssh-agent and remote server. You can now use your SSH key to securely access remote servers and services without having to enter your password each time.

Final thoughts

SSH keys are a crucial tool for secure remote access and should be used whenever possible. By generating and using SSH keys, you can significantly improve the security of your remote connections and protect your data from unauthorized access. Remember to keep your private key safe and secure and never share it with anyone.