Generate SSH Key – Linux, Mac and Windows

 
 

In this quick tutorial, Generate SSH Key, we will learn more exactly how to generate a SSH Key in Linux or Mac using a terminal window and also in Windows using Putty. Before we start our little journey we should be clear about one thing, all SSH Keys consists of two parts, a Private Key and a Public Key. In this article we’ll generate both these keys and we’ll learn the importance but also the difference between these two.

What is a Pivate Key

As we said in our introduction a SSH Key contains a Private Key and a Public Key. The Private Key is the part that’s most important in terms of security, this key is really unique and being private it means that only we should be in possession of our private key and no one else. If we loose our private key it means basically that we’ll never be able to log back in into that server again unless we have a backup solution like access to root account, some other user that may update our public key or another password enabled user having sudo privileges. Shortly we need to make sure that our private key never leaves our computer or personal smartphone under any circumstances.

What is a Public Key

The Public Key is the second part of an SSH Key and this will be generated automatically as part of the same process. When someone will ask us to provide our key we need to give them the public key, never ever our private key. Both these unique keys, private and public, represents a pair that must match. If any of these aren’t part of that pair the authentication process will fail as the keys doesn’t match. We must think about these keys as the key to our home door and door lock, both must match in order to get inside the house.

Generate SSH Key in Linux and Mac

Now that we’ve covered the basics of SSH Keys let’s jump straight to the next step of our quick tutorial, generate SSH Key, we’ll start this by generating a pair of keys in Linux and Mac. Let’s open a terminal window and make sure that we are logged in as the user that we’ll be generating the SSH Keys for, in this example the user will be called dummyuser. We will start by running the below command in our terminal window.


$ ssh-keygen

The output of our command should look something similar to this:


Generating public/private rsa key pair.
Enter file in which to save the key (/home/dummyuser/.ssh/id_rsa):
Created directory '/home/dummyuser/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dummyuser/.ssh/id_rsa.
Your public key has been saved in /home/dummyuser/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zpBzDVAbyCVrAu26JoCXiYZ2DCsLurfkHh2NMh7BY6k dummyuser@hostname
The key's randomart image is:
+---[RSA 2048]----+
|    o=+.         |
|     .o+         |
|+     +          |
|O* o + +         |
|@oX + * S        |
|*+o+ . *         |
|oB=E.   o        |
|o=Bo.            |
| o+              |
+----[SHA256]-----+

Now let’s explain very quickly the output of our command. First of all we must say that we have used the defaults of this command, we haven’t changed the name of our output files or added any passphrase to our pair of keys, we just used the Enter key until we’ve got back to our shell prompt ($). As you can see the ssh-keygen command generated two files for our dummyuser, one of the files being named id_rsa which is our private key and a second file named id_rsa.pub being our public key. Both keys were exported in a directory called .ssh, having the full path /home/dummyuser/.ssh/ if we’re using a Linux OS or /Users/dummyuser/.ssh/ if we’re a MacOS user. No worries, we can always use a shortcut like ~/.ssh/ on both cases, Linux or Mac. If you don’t have a .ssh directory on you home user directory don’t try to create one as this will be automatically generated by ssh-keygen command as part of the process.

View SSH Keys in Linux and Mac

All good so far, now let’s view our private and public keys. To view the private key we will invoke cat command in our terminal window as shown in the command below.


$ cat ~/.ssh/id_rsa

The private key signature should look something similar to this, as we said this key is unique and must be kept safe on our laptop or smartphone making use of it anytime we need to connect to a remote server. We won’t give our private key to anyone, who owns our private key may use it to connect to any servers that we have access to.


-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAwrwdRdF2WMHTvpCIM6K8pLHEPJy+woe+kBIefvAfD+ia5CSJ
zb938L6vJM5SZJgs+VjTFbzm3iZZR0k9j+foTt4ent/yB0LphBiV+Sgg3l+ftCM/
IIejvZks/UibrZHxEH3nzg6BDgc/yHP5lrHv29GfC9lpFZbdK+9AsK6gQSv1PRUd
BmM+hHqqWVNAwZoMUq8dX328k4J3bwghQACYbhTzuUTUzGrAvo/nDWWG7kMiIlvQ
cstUEWWgktqCOQ7ExMWvfNID7YGWeJNbbotATtSgS2SDhYLLGw600Wm5pgAS70Dq
cFj1962IP6OksZD2yWKfrkvZETDTpfhnEE1QlwIDAQABAoIBACe675H+EVI8gXIA
1PkL+8bySeI/7J+NyHBmcfheD0hUob1oQwFKTjM9BEjTG3ZQoeRhnfdyafvrAQ4N
QFUq8Hee08qAUEXw/emohnimGkakZdX/1vJRGjQlm0s11CVOgEtoFLIyvVvaWMYR
+1smhJRpqTRmsAzqkcdT8fPaPPHupeCbUDZfedRvaKTRSkz8josB5ZlteZTyL9Zp
sYv/+pkXyjFyQaoVmHh7HvMS+eNaYFY9a1NQp6LKlYrWZId2kxW8dPeQFCUyst5l
Bax7cNFN1x6wA48CTT1Jr8QTYv7qPQftxwGO6oSto0TnR+UHESKuNujIv8aZBXbd
MoxkgOkCgYEA5Nb/xBK3z22P0gU8UNsA4DZ12txA/kfnvPI5SCKlurmQil1Gee+0
DGz5aSlb6a5ubthQUBJnYvrOl0Zu3ClGb+OZOd35lWMRcZL/jZK+rKXew4BdgPu1
J+eKQFo1s/oGo9WZJFi797ziaM+yKDPZg4QW/jEZn4h5Qp6zuiPyEMMCgYEA2djg
7e6j590XlmeepB2vEKnRhAEte96+w+VVoteFDVuibUedHFgfjlAGlTTuMrIvMJtJ
I/bbxua4ktWtxYpQfJ7caoP2tQL27hlyGyQXhv2D6sJtpX0cuXnNr+FExgF+ohUj
/mTZb22VpjbSDXVBPYOIN2HmkYqKMIQbKMRSQ50CgYEA0v82BoinuHcx05kGOxsj
HJi6ZBkPSCXukzXYAR4JJzjv/9PvJoEQxyA3e3IqEDXIFyYWLy4463eLwsmrcA4S
pxn47vUvqkEVFV5PiS7T5oZt9l7GWCY9q1R/EcTbnV2cf7VzpaK3db5QGAnhH9Zm
6S+Cr89/66u++uEvoCKCkFcCgYBqCIk65mv7IH8poxfxc81RRAcJxHT6FOoveYHc
OCC35sFBhZjwQehiIYuCtne2T0pu0zaffbltr8FpHv5s5yzT65MHeWHsqxu7usDy
evfEqcK60pYB9cq0cJfwIqqR4gpcJAQX/8hh1yn+9DH7gPYXVd1Ib6uFbbRjdvmt
Nxl/dQKBgQC6v97uzbarDN636fsOakPf9ujz0P+ue/Yxv8wqgCl80zMDybSRb9ps
KgV2Nnpo56DJaxZK5RgaB25jIaki5l2hDVUt8qeWXNm36jymc8kzl+HB6E95f5i6
erDKtRbY/RhHLhD4CQaxCfVxCvhxJcyt/HVnkqQqsf05FdEiRFb0Pw==
-----END RSA PRIVATE KEY-----

Now let’s see our public key by invoking the same cat command but this time for the id_rsa.pub file like shown in the example bellow.


$ cat ~/.ssh/id_rsa.pub

Our public key should look similar to this one below.


ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCvB1F9XZYwdO+kIgzorykscQ8nL7Ch76QEh5+8B8P6JrkJInNv3fwvq8kzlJkmCz5WNMVvObeJllHST2P5+hO3h6e3/IHQumEGJX5KCDeX5+0Iz8gh6O9mSz9SSutkfEQfegODoEOBz/Ic/mWse/b0X8L2WkZlt0r70CwrqBBK/U9FR0GYz6EeqpZU0DBmgxSrx1ffbyTgndvCCFAAJhuGPO5RNTMasC+j+cNZYbuQyIiW9Byy1QRZaCS2oJ5DsTExa980gPtgZZ4k1tui0BO1KBLZIOFgssbDrTRabmmABLvQOpwWPX3rYg/o6SxkPbJYp+uS9kRMNOl+GcQTVCX dummyuser@hostname

This key will be copied and handed for use on third party servers, when someone asks about our SSH Key we’ll give them this key, this is our public key and should be publicly exposed on the servers that we need access to.

We have now covered more than half of our quick tutorial named “Generate SSH Key”, in the next part of it we’ll learn how to generate the same keys but in Windows this time.

Generate SSH Key in Windows with Putty (PuTTYgen)

On this second part of our tutorial we’ll learn how to generate SSH Key on Windows using Putty, the principle is the same as for Linux and Mac but the difference is that we’ll be using a 3rd party tool like PuTTYgen to generate SSH key pairs.

If you don’t have already Putty or PuTTYgen installed on your device then let’s download the latest Putty package that contains PuTTYgen utility from this link, no worries Putty is free to download and use, no personal details or email required.

We have now to open PuTTYgen by accessing Start menu > All Programs > PuTTY > PuTTYgen, we should see the next window on our screen.

Generate SSH Key - PuTTYgen Window 1

Click on Generate button in order to start our process to generate ssh key. Randomly move you mouse over the free window area to generate the random signature for our keys, public and private one.

Generate SSH Key - PuTTYgen Window 2

Once the progress bar is filled up then we may proceed with our next step, saving the keys. Click on [Save public key] and store this key in a folder, repeat this action by clicking on [Save private key] button to save our Private Key.

Generate SSH Key - PuTTYgen Window 3

Conclusion

We’re done, in this tutorial called “Generate SSH Key” we have covered the process of generating SSH Pair Keys in Linux and Mac using terminal window and also in Windows by using Putty utility.

Video

No video posted for this page.

Screenshots

No screenshots posted for this page.

Source code

No code posted for this page.

About this page

Article
Generate SSH Key – Linux, Mac and Windows
Author
Category
Published
09/02/2018
Updated
05/11/2018
Tags

Share this page

If you found this page useful please share it with your friends or colleagues.