•  Home
  •  Dashboard
  •  Company
    • About Us
    • Blog
    • Careers
    • Contact Us
    • Data Centers
    • Looking Glass
    • Network
    • Reseller
  •  Hosting Services
    • Infrastructure
      • iColocation
    • Compute
      • cMetal
      • cVirtual
    • Storage
      • sObject
      • sBlock
    • Networking
      • nCDN
      • nIP Transit
      • nWavelength
    • Protection
      • pBackup
      • pDDoS
  •  Solutions
    • Ecommerce
    • Finance
    • Gaming
    • Hosting
    • Management
    • Security
    • System Integrator
  •  Support
    • Community
    • Knowledge Base
    • Open A Ticket
  •  USA & Canada: 800-933-1517
  •  International: 626-549-2801
  •  Email: sales@psychz.net
  • Services
    • new-colocation-header-img
      Infrastructure
      • iColocation
    • new-compute-header-img
      Compute
      • cMetal
      • cVirtual
    • new-storage-header-img
      Storage
      • sObject
      • sBlock
    • new-networking-header-img
      Networking
      • nCDN
      • nIP Transit
      • nWavelength
    • new-protection-header-img
      Protection
      • pBackup
      • pDDoS
  • Solutions
    • Ecommerce
    • Security
    • Gaming
    • Hosting
    • Management
    • Finance
    • System Integrator
  • Dashboard

How to generate SSH Keys on Linux?

  • Home
  • Client
  • Knowledgebase
  • Linux
  • How to generate SSH Keys on Linux?

Table Of Content

Related Articles

  • Linux File Permissions Cheat Sheet
  • The ELK Stack: Elasticsearch, Logstash, Kibana.
  • How to install Node.js on AlmaLinux 8
  • Firewalld commands for CentOS 7 and CentOS 8
  • Managing systemd services and units using systemctl commands
  • How to check RAM for error using Ubuntu Live CD?
  • How to remotely connect to a Linux machine using a smartphone?
  • Unable to Access The Server Via SSH
  • How to clone and migrate a Linux hard drive to another server?
  • SCP Command Syntax Examples in Linux
  • Whitelisting Edge Server IPs
  • traceroute in Linux
  • Ubuntu remove mysql
  • ssh host key verification failed error
  • logrotate
  • How to rsync two directories
  • setup hourly crontab
  • Views: (2083)
  • Votes: (0)
Was this article helpful?
VOTE

How to generate SSH Keys on Linux?

Publisher: Psychz Networks,  July 05,2023

  • Requirements
  • Setup Key
  • Copy Key

Creating an SSH key pair is a fundamental process for securely accessing remote servers and systems. SSH (Secure Shell) key pairs consist of a public key and a private key. The public key is shared with the remote server, while the private key is kept on your local machine. In the following article we will help you create SSH keypair in few simple steps.

Requirement

Before we begin, please make sure you have the following key elements and previledges on your client and Host servers.

To create SSH keys, you typically need the following prerequisites:

  1. SSH Client: Ensure that you have an SSH client installed on your local machine. Most modern operating systems, such as Linux, macOS, and Windows (with the help of third-party tools like PuTTY), come with SSH clients pre-installed.

  2. Access to a Remote Server: You should have access to a remote server or system where you want to authenticate using SSH keys. You will need to log in to that server with your username and password or an existing method of authentication.

  3. Permission on the Remote Server: Make sure you have sufficient permissions on the remote server to add or modify SSH authorized keys. Typically, you'll need administrative or superuser privileges (e.g., sudo) or access to your user's home directory.

With these prerequisites in place, you can proceed with generating SSH keys using the appropriate commands for your operating system.

Setup SSH Key

SSH, or secure shell, is an encrypted protocol to administer and communicate with servers. When working with a Linux server, you will spend most of your time in a terminal session connected to your server through SSH.

This guide focuses on setting up SSH keys for Linux installation. SSH keys provide a secure way of logging into your server and are recommended for all users.

Creating the Key Pair

The first step is to create a key pair on the client machine (usually your computer):

# ssh-keygen

By default, recent versions of ssh-keygen will create a 3072-bit RSA key pair, which is secure enough for most use cases (you may optionally pass in the -b 4096 flag to create a larger 4096-bit key). After entering the command, you should see the following

Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):
Press enter to save the key pair into the .ssh/ subdirectory in your home directory, or specify an alternate path.

You should then see the following prompt:

Enter passphrase (empty for no passphrase):
Here you optionally may enter a secure passphrase, which is highly recommended.

You should then see the output similar to the following:

Your identification has been saved in /your_home/.ssh/id_rsa
Your public key has been saved in /your_home/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:/hk7MJ5n5aiqdfTVUZr+2Qt+qCiS7BIm5Iv0dxrc3ks user@host
The key's randomart image is:

+---[RSA 3072]----+
| .|

| + |
| + |
| . o . |
|o S . o |
| + o. .oo. .. .o|
|o = oooooEo+ ...o|
|.. o *o+=.*+o....|
| =+=ooB=o.... |
+----[SHA256]-----+

You now have a public and private key that you can use to authenticate. The next step is to place the public key on your server so that you can use SSH-key-based authentication to log in.

Copying the Public Key to Your Linux Server

The quickest way to copy your public key to the host is to use a utility called ssh-copy-id. Due to its simplicity, this method is highly recommended if available. Suppose you need to have ssh-copy-id available to you on your client machine. In that case, you may use one of the two alternate methods in this section (copying via password-based SSH or manually copying the key).

Copying the Public Key Using ssh-copy-id

The ssh-copy-id tool is included by default in many operating systems, so you may have it available on your local system. For this method to work, you must already have password-based SSH access to your server.

To use the utility, specify the remote host you would like to connect to and the user account to which you have password-based SSH access. This is the account to which your public SSH key will be copied.

The syntax is:

# ssh-copy-id username@remote_host

You may see the following message:

The authenticity of host '123.456.789.0' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? Yes

This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type "yes" and press ENTER to continue.

Next, the utility will scan your local account for the id_rsa.pub key we created earlier. When it finds the key, it will prompt you for the password of the remote user's account:

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

username@123.456.789.0's password:

Type in the password (your typing will not be displayed, for security purposes) and press ENTER. The utility will connect to the account on the remote host using the password you provided. It will then copy the contents of your ~/.ssh/id_rsa.pub key into a file in the remote account's home ~/.ssh directory called authorized_keys.

You should see the following output:

Number of key(s) added: 1


Now try logging into the machine, with: "ssh 'username@123.456.789.0'" and check to make sure that only the key(s) you wanted were added.

Related Articles

  • Linux File Permissions Cheat Sheet
  • The ELK Stack: Elasticsearch, Logstash, Kibana.
  • How to install Node.js on AlmaLinux 8
  • Firewalld commands for CentOS 7 and CentOS 8
  • Managing systemd services and units using systemctl commands
  • How to check RAM for error using Ubuntu Live CD?
  • How to remotely connect to a Linux machine using a smartphone?
  • Unable to Access The Server Via SSH
  • How to clone and migrate a Linux hard drive to another server?
  • SCP Command Syntax Examples in Linux
  • Whitelisting Edge Server IPs
  • traceroute in Linux
  • Ubuntu remove mysql
  • ssh host key verification failed error
  • logrotate
  • How to rsync two directories
  • setup hourly crontab
  • Views: (2083)
  • Votes: (0)
Was this article helpful?
VOTE
Copyright © 2025 Psychz Networks,
A Profuse Solutions Inc Company
Hosting Services
Infrastructure
  • iColocation
Compute
  • cMetal
  • cVirtual
Storage
  • sObject
  • sBlock
Networking
  • nCDN
  • nIP Transit
  • nWavelength
Protection
  • pBackup
  • pDDoS
Company
  • About Us
  • Blog
  • Careers
  • Contact Us
  • Data Centers
  • Looking Glass
  • Network
  • Reseller
Policies
  • Acceptable Usage Policy
  • Privacy Policy
  • Service Level Agreement
  • Terms and Conditions
Support
  • Community
  • Knowledge Base
  • Open A Ticket
Get In Touch
  • Psychz Networks,
    A Profuse Solutions Company
    611 Wilshire Blvd #300
    Los Angeles,California 90017
    USA
  • US/Canada: 800-933-1517
  • International: 626-549-2801