Last updated on May 19th, 2019 at 06:05 pm
We can generate ssh key pair on Unix using ssh-keygen utility. This comes under openssh in all Unix flavour
- Run the ssh-keygen
ssh-keygen -b 2048 -t rsa
rsa : it is the algorithm for generating the public -private key pair
2048 : it is bit size
ssh-keygen -b 2048 -t rsa Generating public/private rsa key pair. Enter file in which to save the key (“your_local_home”/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in id_rsa. Your public key has been saved in id_rsa.pub. The key fingerprint is: 17:6a:e3:78:ab22d:0c:8e:f9:67:f1:30:32:64:89:34 orac@serv1
- The command prompts you to enter the path to the file in which you want to save the key. A default path and file name are suggested in parentheses. For example: /home/user_name/.ssh/id_rsa. To accept the default path and file name, press Otherwise, enter the required path and file name, and then press Enter.
- The command prompts you for a passphrase. Enter a passphrase.
Note that the passphrase isn’t displayed when you type it in. Remember the passphrase. If you forget the passphrase, you can’t recover it.
- When prompted, enter the passphrase again to confirm it.
The command generates an SSH key pair consisting of a public key and a private key, and saves them in the specified path. The file name of the public key is created automatically by appending .pub to the name of the private key file. For example, if the file name of the SSH private key is id_rsa, then the file name of the public key would be pub.
- write down the path where you’ve saved the SSH key pair.
Now this key pair can be used to login to another unix system. We need to copy the public keys to the another unix system authorized keys file
cat ~/.ssh/id_rsa.pub | ssh <user>@<hostname> 'umask 0077; mkdir -p .ssh; cat >> .ssh/authorized_keys && echo "Key copied"'
Now you can login to another system using the command
ssh <user>@<hostname> -i <private key>
Hope you like the post. Please do provide the feedback