Generating DSA or RSA SSH Keys

From: original link
Generating Keys
The first step involves the generation of a set of DSA or RSA keys for use in authentication. Typically, you would do this on the machine you intend to use for logging into all other machines, but this does not matter too much, as you can always move the keys around to other machines as needed.

To generate a set of DSA or RSA public/private keys, use the following command:

ssh-keygen -t rsa


ssh-keygen -t dsa

You will be prompted for a location for saving the keys, and a passphrase for the keys. When choosing the passphrase for the keys, pick a very strong passphrase, and remember, or note it in a secure place. This passphrase will be required to use the keys every time you need to login to a key-based system:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/

Locating the Keys on Remote Computers
Assuming the remote computers you wish to use the keys for have running ssh daemons already, then locating your public portion of the key pair on those machines is quite simple. For example, if you’d like to begin using key-based logins as user username on a remote machine named host, and host is running sshd, and reachable by name on your network, simply use the ssh-copy-id command to properly locate your key:

ssh-copy-id -i ~/.ssh/ username@host


ssh-copy-id -i ~/.ssh/ username@host

Testing the Login
Next, you need to test the login, by attempting a connection to the machine and using your passphrase to unlock the key:

ssh username@host

You will be prompted for the passphrase for your key:

Enter passphrase for key ‘/home/username/.ssh/id_rsa':

Enter your passphrase, and provided host is configured to allow key-based logins, you should then be logged in as usual.

Leave a Reply