FreeKB - ssh-keygen command (create a public / private key pair)
SSH - ssh-keygen command (create a public / private key pair)

The ssh-keygen command is used to create a public certificate and private key pair. The key pair is intended to be used for making a connection to an SSH server. By default, an RSA keypair will be created.

ssh-keygen
. . .
Generating public/private rsa key pair.

 

Or, the -t (type) option can be used to specify the type, such as -t rsa or -t dsa. When prompted where to save the file, press enter to use the default file name and directory, or type your preferred directory and file name.

[root@server1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jeremy.canfield/.ssh/id_rsa):

 

It is always recommended to secure the keypair with a strong, unique passphrase.

Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):

 

The public certificate and private key are created.

Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a6:4e:fd:17:67:69:19:b5:22:0a:16:53:cf:47:b3:b3 root@server1
The key's randomart image is:
+--[ RSA 2048]----+
|        ..   o   |
|       o  o . o .|
|        o  o + ..|
|       o   ...+. |
|      . S . .E.+ |
|       + .  . *  |
|      o .    =   |
|     o   .  .    |
|      .   ..     |
+-----------------+

 

If the private key already exists, such as id_rsa, you can create the public certificate using the private key, like this.

ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub

 

If your SSH server is OpenSSH, you can add the public certificate to the authorized_keys file on the OpenSSH server. If the OpenSSH server is configured to accept connection using a public / private key pair, you should be able to connect to the OpenSSH server with the public / private key pair you just created.

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter 1b05b in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |