How to Generate A Public/Private SSH Key [Linux]

If you frequently use SSH to connect to a remote host, one way to secure the connection is to use a public/private SSH key pair, so that no password is transmitted over the network and brute-force attacks are prevented.

In Linux, creating a public/private SSH key is easy.

1. Open a terminal. Type:

Alternatively, you can use DSA (Digital Signature Algorithm) to create the public/private key.

Note: There has been a lot of debate about the security of DSA and RSA. In my opinion, unless you are very particular and love to delve into the technical details of the two technologies, it doesn’t matter which of the two you choose. Both will work fine.

2. In the next screen, you should see a prompt, asking you for the location to save the key. The default location is the .ssh folder in your Home directory. You can just press “Enter” to accept the default setting.


3. Next, you will be prompted to enter a passphrase. This is NOT the passphrase to connect to your remote host. It is the passphrase that unlocks the private key, so that no one can access your remote server even if they get hold of your private key. The passphrase is optional. To leave it blank, just press “Enter”.


4. Your public and private SSH keys should now be generated. Open the file manager and navigate to the .ssh directory. You should see two files: id_rsa and id_rsa.pub.

5. Upload the id_rsa.pub file to the home folder of your remote host (assuming your remote host is running Linux as well). Connect to your remote host via SSH and use the following command to move the public key to the correct location.

6. Still in your remote host, open the SSH config file:

Scroll down the config file and make sure the following attributes are set correctly.

Press “ctrl + o” to write and save the file, followed by “ctrl + x” to close the file.

7. Lastly, restart the SSH server on the remote host.

That’s it. You can now connect to your remote host with the following command:
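The key generation, key installation and config check from steps 1 to 6, written as shell functions. This is an added example, not the article's own commands; the function names, the 4096-bit key size and the `PubkeyAuthentication`/`PasswordAuthentication` keywords it can check are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not the article's commands. Function names, the key size
# and the file locations passed in are assumptions made for illustration.

# Steps 1-4: create an RSA key pair at path $1, protected by passphrase $2.
# Produces $1 (private key, stays on the client) and $1.pub (public key).
generate_key() {
    ssh-keygen -q -t rsa -b 4096 -f "$1" -N "$2"
}

# Step 5 (run on the remote host): append public key file $1 to
# authorized_keys under home directory $2, without duplicating it.
install_pubkey() {
    local pub="$1" home="${2:-$HOME}" line
    line=$(head -n 1 "$pub") || return 1
    case $line in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *)  # e.g. the private key id_rsa was uploaded by mistake
            echo "not a public key: $pub" >&2; return 1 ;;
    esac
    # sshd ignores authorized_keys when these are writable by other users.
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    touch "$home/.ssh/authorized_keys"
    chmod 600 "$home/.ssh/authorized_keys"
    grep -qxF -- "$line" "$home/.ssh/authorized_keys" ||
        printf '%s\n' "$line" >> "$home/.ssh/authorized_keys"
}

# Step 6: print the value sshd would use for keyword $2 in config file $1.
# sshd keeps the first value it reads for a keyword; $3 is the default.
# Simplification: Include files and Match blocks are not followed.
sshd_setting() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }                      # skip commented-out lines
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}
```

On the server itself, `sshd -T` prints the effective configuration, including defaults and included files.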


3 comments

  1. Most distros provide seahorse, which provides a GUI for doing this. It will also automatically access an SSH server and add the public key to the server's keyring, which is pretty handy.
    Definitely worth pointing your readers to seahorse if you want to “make tech easier”.

  2. Hi,

    there’s a typo in your commands…
    you wrote “ssh -keygen -t rsa” but it should be “ssh-keygen -t rsa” with no space between “ssh” and “-keygen”
