Skip to content

Generating SSH Keypair

This document provides the most basic reference on generating a SSH Key pair.

SSH Keypair

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.1 Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH. -- Wikipedia

An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes and for implementing single sign-on by system administrators and power users. -- ssh.com

Generating SSH Keypair

The following shows the simplest method of generating the SSH Keypair.

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
d0:82:24:8e:d7:f1:bb:9b:33:53:96:93:49:da:9b:e3 user@host

The ssh-keygen command asks for two inputs from the users.

  1. First the output location of the SSH Keypair. By default it would be the .ssh folder in your home directory and named id_rsa for the private key and id_rsa.pub for the public key. This can be changed as per requirement.

  2. Next, it will ask for the passhphrase twice. It can be left empty or a passphrase can be used. Using passphrase requires the users to enter the passhphrase each time. ssh-agent tool can be used to mitigate the need of entering the password each time the key is used. 

$ cd ~/.ssh
$ ls
id_rsa  id_rsa.pub

The public key, id_rsa.pub, can be shared with other users and systems like server, git etc. for the access. The file itself or the content of the file can be shared. Remember to never share the private key, id_rsa, with anyone.

Eg. of the public key content 

$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU
GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3
Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA
t3FaoJoAsncM1Q9x5+3V0Ww68/eIFmb1zuUFljQJKprrX88XypNDvjYNby6vw/Pb0rwert/En
mZ+AW4OZPnTPI89ZPmVMLuayrD2cE86Z/il8b+gw3r3+1nKatmIkjn2so1d01QraTlMqVSsbx
NrRFi9wrf+M7Q== user@host
This is the most basic document to get started with SSH Keypair. For more details and advanced usage of SSH Keys that includes using other forms of encryption, ssh-agent, multi-operating systems, refer to the guide by Github on SSH keys.

  1. Contributors: Avash Mulmi