How to create ssh public/private keys on command line

By on

Command line utility ssh-keygen can be used to generate rsa or dsa public and private keys. By default it generates rsa keys. Here are commands to generate keys pairs.

Generate default rsa keys in specifed file

This will put current userid in comment part in public key.

$ ssh-keygen -f mykey
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in mykey.
Your public key has been saved in mykey.pub.
The key fingerprint is:
SHA256:KOdKc1P01vdzFihC3/GUKVZmeyZTCdJFsgeN+ZbBc9s user1@MyHomeMac.local
The key's randomart image is:
+---[RSA 2048]----+
|           ..+O*o|
|            .+BB=|
|        ..   =+*X|
|       o....o BOE|
|    . o S.oo.ooo |
|     + . .. .. ..|
|    o +        .+|
|   . + .       .o|
|    .            |
+----[SHA256]-----+

You can specify a passphrase or leave empty to have key without passphrase. It is better to specify a passphrase unless you are generating the key for automation purpose.

Once done you can see that two files got generated in current directory. The private key is only readable and writable by owner.

$ ls -ltr
total 32
-rw-r--r--  1 user1  staff   404 Dec 16 14:52 mykey.pub
-rw-------  1 user1  staff  1675 Dec 16 14:52 mykey

To generate dsa key

$ ssh-keygen -t dsa -f mykey

Generate 4096 bits rsa key

Default key is 2048 bits which is generally sufficient. In case you need 4096 bits keys use the following command.

$ ssh-keygen -t rsa -b 4096

Generate rsa key with comment

Comment gets appended to the public key as shown below. This is useful in case you are generating key for some other user and want to have relevant comment. This may also be useful for maintaining multiple keys.

$ ssh-keygen -f mykey -C "my-first-key"
cat mykey.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDyhYUmL52LxTfpnTaD/TalpMjFSkaZklY9x+8H3c6C40ZRHI3/fMfwdP96PyO3Zlap0402nBT8QpWFMrMNtfyJC43vt87wqG1prIw0OGsMboFO+6x5F8VXH7fSap+/W8LaTEJ+nuNJN3AdjByHVYXk+s6HZHY6HJTGJoY94Pwde+3WW4ma4wSdF4FXHePC6U9tVDLt9koESMl8k3Qr12GxR3/vz7QaCYTAvNvvyNlTPjJTsocnC8wfMAeUuaqmNvl1tsRcHwx/gteFHiJyeQx6SYblIJc3XI8AfzR3EwXmgdIWUlCm1bX8J8CPVbEo1w8xhr+wQO8RiYExyQfnITFp my-first-key

Suggested posts:

  1. How to setup password less git push for github
  2. How to check if an ssh key has passphrase
  3. How to locally override website domain (or hostname) to IP mapping
  4. Generate ssh public key from private key on command line
  5. How to use pm2 to manage node.js application in production
  6. Mysql – display row count and size of tables
  7. CSS – how to align image and text in center vertically
  8. Curl – follow redirects
Share this article: share on facebook share on linkedin tweet this submit to reddit
Posted in | Tagged , , , , , ,