Are you looking forward to enhancing the security of your SSH login to the Linux server? Then use SSH key pair instead of a password for login.
Password authentication of SSH login lacks security as it can be broken down with brute-force attacks. Using SSH key pair, the public key is stored in the host server, and the private key can only decrypt it. SSH key pair is generated cryptographically, and guessing the correct private key is almost impossible. Thus using SSH key pair enhances the security of your Linux Server. To use SSH key pair, you need to generate an SSH keypair with the ssh-keygen command.
In this blog post, I’ll show you how to create SSH key pair on Linux and Windows.
Table of Contents
How to Generate SSH Key on Linux
Generating SSH key pair in Linux is very straightforward using the ssh-keygen command. The generating process is shown In the following section.
Step 1: Open the Terminal
To execute the ssh-keygen command, open your Linux terminal first. In Linux, you can open your terminal by pressing CTRL + ATL + T
Step 2: Generate the Key Pair
Once you open the terminal, you can generate the key pair. To generate SSH key pair, use the following command
ssh-keygen -t rsa -b 4096 -C "[email protected]"- Here flag -C in the ssh-keygen command accept the comment. This is optional. So, You can remove the flag. But it is often helpful to identify the owner of the public key.
After executing this command, you will be prompted to enter a file to save the key (/home/user/.ssh/id_rsa). Leaving it black will create ssh key pair in the default location ~/.ssh. You can also specify a file to save the key pair.
Step 3: Choose a Secure Passphrase
After specifying a file or leaving it for the default file location, you will be prompted to enter a passphrase (empty for no passphrase). A passphrase is similar to a password, and it adds an extra security layer to your ssh key. Choose a strong passphrase or leave it blank if you don’t add a passphrase to your ssh key.
Then ssh-keygen command will generate a random ssh key pair for you.
Output
Your identification has been saved in /home/ashiqur/.ssh/id_rsa
Your public key has been saved in /home/ashiqur/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:muJ29IEXr53EaIp4hYKCcJIzjID9fYzwjkgfB0QYuJw [email protected]
The key's randomart image is:
+---[RSA 4096]----+
|.o.=o |
|+ o o |
|=o.. = o |
|OEo o = + |
|oB o * oS= |
|+ o + =o= + |
|. o.+o= = . |
| ..+.o o o |
| o.. |
+----[SHA256]-----+
You can see a similar output in your terminal after generating an SSH key pair.
Step 4: Verify the Key Pair
Now that you have generated the ssh key pair, it is time to verify the key pair is successfully generated. To verify, navigate to the directory where you specify the key location.
You can also see the key pair location in the output of your Linux terminal.
If you use the default key pair location, use the following command to verify the key pair.
ls ~/.ssh/You should see two file names id_rsa (private key) and id_rsa.pub (public key) in the directory.
You have successfully generated SSH key pair if you can see these files.
How to Generate SSH Key on Windows
If you use a Windows system, you can generate ssh key pair in Windows by installing OpenSSH in Windows PowerShell with the same steps as in Linux.
Suggested Read
Another way to generate ssh key pair in Windows is to use PuTTYgen. To use PuTTYgen, you need to install PuTTY in Windows. PuTTYgen comes with PuTTY. You can download PuTTY from its official website.
Step 1: Open PuTTYgen
Open PuTTYgen software to generate the ssh key in Windows.
Step 2: Generate SSH Key Pair
Once you open PuTTYgen, select key type RSA and bit size 4096 for a more secure key in the window.
Now click generate to generate random key pair. You will prompt to move your cursor in a blank space to create some randomness in the ssh key pair. So move your cursor randomly to finish the generation.
Step 3: Save The key pair
Now that you have generated the ssh key pair, you need to store the key pair. You can use a passphrase to add an extra security layer.
Save both public and private keys to a secure destination.
Conclusion
SSH-Keygen command and PuTTYgen are powerful tools for generating an SSH key pair. To enable ssh key authentication, you need to copy the public ssh key to the remote server. To copy the public to a remote server, read our article about copying the ssh public key.
