This article can help you on generating SSH keypair for authentication to your remote machines. The benefits of using SSH keys are the added security in compare with password authentication and the ease that you can you the same keypair to connect to multiple sites and remote machines, by just sharing you public key and keeping your private key secure.
To create a new keypair under Linux you can use ssh-keygen:
ssh-keygen -t rsa -b 4096
The ‘-t’ specifies the use of the RSA cryptosystem, where ‘-b’ specifies the size of the key of 4096 bits.
You will be prompted where to save the generated keypair:
Generating public/private rsa key pair.Enter file in which to save the key (/home/admin/.ssh/id_rsa):
The default location is the .ssh folder in your home directory. You can stick with deafult one, so just press the Enter key to go on.
You can add additional protection for your SSH keys by adding a passphrase. This way you’ll have to decrypt the key each time you want to use it. You can enter one, or you can leave it empty if you want to login just with key and no more passwords.
Created directory '/home/admin/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /home/admin/.ssh/id_rsa.Your public key has been saved in /home/admin/.ssh/id_rsa.pub.The key fingerprint is:b9:36:9f:d3:60:5e:8e:22:1c:0d:92:84:e6:06:3e:d1 admin@ubuntuThe key's randomart image is:+--[ RSA 2048]----+| .. ||..oE. ||.+.. . || oo o . . || .. . oS || . ..o . || . .+o * || o..o+.o || . .o. |+-----------------+
After that step you have your brand new SSH keys created in your ~/.ssh
You’ll find two files there you public key with the default name id_rsa.pub and your private key – id_rsa.
If the Linux machine that you used for creating those is your personal computer, you’ll need to copy the public key on your remote server to authorize connecting with the key. Take a look at “Setting up SSH keys for authentication“.
If the machine you’ve created the keys on is your remote machine, we would recommend you saving your private key (id_rsa) to your local computer and removing it from the remote machine. You must keep your private key safe and secure.