Command line utility
ssh-keygen can be used to generate rsa or dsa public and private keys. By default it generates rsa keys. Here are commands to generate keys pairs.
Generate default rsa keys in specifed file
This will put current userid in comment part in public key.
$ ssh-keygen -f mykey Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in mykey. Your public key has been saved in mykey.pub. The key fingerprint is: SHA256:KOdKc1P01vdzFihC3/GUKVZmeyZTCdJFsgeN+ZbBc9s user1@MyHomeMac.local The key's randomart image is: +---[RSA 2048]----+ | ..+O*o| | .+BB=| | .. =+*X| | o....o BOE| | . o S.oo.ooo | | + . .. .. ..| | o + .+| | . + . .o| | . | +----[SHA256]-----+
You can specify a passphrase or leave empty to have key without passphrase. It is better to specify a passphrase unless you are generating the key for automation purpose.
Once done you can see that two files got generated in current directory. The private key is only readable and writable by owner.
$ ls -ltr total 32 -rw-r--r-- 1 user1 staff 404 Dec 16 14:52 mykey.pub -rw------- 1 user1 staff 1675 Dec 16 14:52 mykey
To generate dsa key
$ ssh-keygen -t dsa -f mykey
Generate 4096 bits rsa key
Default key is 2048 bits which is generally sufficient. In case you need 4096 bits keys use the following command.
$ ssh-keygen -t rsa -b 4096
Generate rsa key with comment
Comment gets appended to the public key as shown below. This is useful in case you are generating key for some other user and want to have relevant comment. This may also be useful for maintaining multiple keys.
$ ssh-keygen -f mykey -C "my-first-key" cat mykey.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDyhYUmL52LxTfpnTaD/TalpMjFSkaZklY9x+8H3c6C40ZRHI3/fMfwdP96PyO3Zlap0402nBT8QpWFMrMNtfyJC43vt87wqG1prIw0OGsMboFO+6x5F8VXH7fSap+/W8LaTEJ+nuNJN3AdjByHVYXk+s6HZHY6HJTGJoY94Pwde+3WW4ma4wSdF4FXHePC6U9tVDLt9koESMl8k3Qr12GxR3/vz7QaCYTAvNvvyNlTPjJTsocnC8wfMAeUuaqmNvl1tsRcHwx/gteFHiJyeQx6SYblIJc3XI8AfzR3EwXmgdIWUlCm1bX8J8CPVbEo1w8xhr+wQO8RiYExyQfnITFp my-first-key