SSH keys can be used to establish a secure connection with a remote server. You can use your own private SSH-key to establish a secure connection to your own Linux-servers via SSH or SFTP. SSH-keys are also used by many services for example Github.
The standard OpenSSH suite of tools contains the
ssh-keygen utility, which is used to generate key pairs. OpenSSH is built into most modern operating-systems like for example Apples macOS. Run it on your local computer to generate a 2048-bit RSA key pair, which is fine for most uses.
This command will generate two files, the private key called
id_rsa and the public key (also known as the keyhole) called
The public key is the file you can share with others; put it on your servers and upload it to Github etc. The private key however is your secret private key, and must never be shared.
It’s pretty simple to generate a new key pair, just open a terminal on your Linux or Mac and type:
ssh-keygen -t rsa -C "[email protected]"
Once you have selected a location for the key, you’ll be prompted to enter an optional passphrase which encrypts the private key file on disk.
If you enter one, you will have to provide it every time you use this key (unless you are running SSH agent software that stores the key). We recommend using a passphrase, but you can press
ENTER to bypass this prompt, without a passphrase.
The passphrase is just an extra added security measure, so if your key gets stolen, it is useless unless the passphrase is also known.