Create SSH keys

Creating SSH keys on Linux, Mac and Windows. We explain the process to create an SSH key locally and use it when logging in to remote servers, so that we can increase the security of connections.

The key creation process is quite simple on Linux and a bit more cumbersome on Windows, since you have to use particular software. Anyway, it’s pretty fast. We are going to summarize it with some extra notes to clarify possible doubts.

For general knowledge, the SSH key is made up of two files, one with the public key and the other with the private key. The public key is the one you hand out, placing it wherever it is requested. The private key, however, must be kept safe, and you must take care that it is not accessible to other people. The public and private keys have the same file name, although the public key has a “.pub” extension, so we can easily distinguish it.

An SSH key can be used multiple times, so you could configure them to access multiple servers. There is also no problem creating multiple SSH keys on your system if necessary. Each would have that “public key/private key” pair set.

Create SSH key on Linux / Mac

To do this we use a system command: ssh-keygen. This command takes care of the key file creation process. When executed without parameters, it creates a key of type “RSA”.

ssh-keygen

We can specify the type of the key with the -t parameter. So here we would also be creating an RSA key.

ssh-keygen -t rsa

We can specify the number of bits in the key to be generated. For “rsa” keys the default value is 2048 bits, which is sufficient in most cases. The minimum value would be 1024 bits. We can configure it through the -b option. This will create a 4096-bit key:

ssh-keygen -t rsa -b 4096

Once this command is started, it will ask us for two things:

  • The location to store the key and the file name.
  • The passphrase (password) required to use this SSH key.

On these points it is important to know:

Path and name of the file to store the key

You can configure this part to your liking. When the ssh-keygen command is started it already suggests a folder where SSH keys are usually stored and a file name. In most cases you just accept the suggestion.

Note: The folder where the keys are stored is called “.ssh” and therefore it is a hidden folder, because it begins with “.”. As you can see, the .ssh folder is placed by default in your user’s folder.

I suggest you keep all the ssh keys in the folder that they indicate. However, you can change the file name if you wish and in fact it will be necessary in most cases, because generally you will have a key to access each server. Just remember the name of your key when configuring the systems, or when using it to log in to the remote server.

The name of the file or name of the ssh key is irrelevant and does not need a particular extension. For example in my case I could save them in this path and file name.

/Users/midesweb/.ssh/preproduction-server-ssh-key

The passphrase associated with the key

The SSH key can be protected with a passphrase that you choose, so whoever uses the SSH key will also have to provide that passphrase.

Creating a passphrase for the key is optional. It’s worthwhile because it adds an extra level of security to your SSH key: if someone gets hold of the key file, they still can’t use it unless they know your passphrase. If you leave the passphrase blank, you simply won’t be asked for anything when using the SSH key.

Obviously, if we set a passphrase it will be even more secure, because apart from the SSH key file, a possible intruder would also need the passphrase that was assigned at the time of creation.

However, I have to admit that having to type the passphrase each time you access the server using the key is a bit tedious, so many times I don’t use it. Of course, you also have to assess the risk of losing or forgetting the passphrase you just created for the key, since without the correct passphrase the SSH key will be useless.

In short, protecting this key with a passphrase is your decision. If you do create one, store it safely so you don’t lose it, because otherwise you won’t be able to use the SSH key.
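
The two prompts described above can also be answered on the command line. The shell functions below are an added example, not part of the original article: make_key creates a key pair, and audit_key reports whether a private key has loose file permissions or no passphrase (the password set at creation time). The function names, status words and the sample comment are assumptions made for this example.

```sh
#!/bin/sh
# Added example. Function names and status words are illustrative choices.

# make_key FILE PASSPHRASE [BITS]
# Answers both ssh-keygen prompts on the command line:
#   -f  path and file name of the key
#   -N  passphrase for the new key ("" means no passphrase)
make_key() {
    ssh-keygen -q -t rsa -b "${3:-4096}" -f "$1" -N "$2" -C "constructed-sample"
}

# private_mode_ok FILE
# Succeeds when group and others have no permissions on FILE (e.g. 0600).
private_mode_ok() {
    case "$(ls -ld "$1" | cut -c5-10)" in
        ------) return 0 ;;
        *)      return 1 ;;
    esac
}

# audit_key FILE
# Prints one of: missing, bad-permissions, no-passphrase, passphrase-protected
audit_key() {
    if [ ! -f "$1" ] || [ ! -f "$1.pub" ]; then
        echo "missing"
        return 0
    fi
    if ! private_mode_ok "$1"; then
        echo "bad-permissions"
        return 0
    fi
    # -y derives the public key from the private key. With -P "" this only
    # works when the private key is stored without a passphrase.
    if ssh-keygen -y -P "" -f "$1" </dev/null >/dev/null 2>&1; then
        echo "no-passphrase"
    else
        echo "passphrase-protected"
    fi
}

# Example run on every private key in ~/.ssh (files that have a .pub twin):
#   for pub in "$HOME"/.ssh/*.pub; do
#       key=${pub%.pub}; echo "$key: $(audit_key "$key")"
#   done
```

A file that is not a valid private key is also reported as passphrase-protected, because ssh-keygen fails to load it for a different reason.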

Use the SSH key

To use the key you simply have to locate the folder where the key was generated and find the file with the name of the key that ends with .pub.

When creating certain hosting services, or some Git services, you will be asked for your key. You will have to open the .pub file, copy its content and paste it where prompted.

For the SSH example, once you have configured your key from the control panel of your hosting provider or cloud provider, you will have to indicate the name of your key to be able to log in. You do it with a command like this:

ssh -i ~/.ssh/my_key_name user@255.255.0.1

With the above command you will use your SSH key named “my_key_name”, which is in the “~/.ssh/” folder, to connect to your server with IP 255.255.0.1 and with the username “user”.

If you configured a password for this key, the terminal will ask you to enter it before proceeding with the login.

Create ssh key from Windows

A popular program for SSH on Windows is PuTTY. Its installer also includes another program that allows us to create keys, called PuTTY Key Generator, which is quite easy to use.

You find it from the Windows button, then searching for PuTTY; it appears as “PuTTYgen”.

Once inside PuTTYgen, to generate your key you can configure the type and select the number of bits at the bottom. This will usually be “RSA” and the default bit value is 2048.

Then you have to press the “Generate” button to start generating the key.

At this point, it will ask you to move the mouse pointer over the PuTTYgen window to create a random sequence.

Once the key is generated, the public key will appear on the screen. You can copy and paste its content and take it anywhere you need to configure this SSH key. You can also find a button to save your public key to a file, anywhere on your hard drive.

You will also have to save your private key. There is another button just for that. Just remember where you left each file. With this you are done with all your work in PuTTYgen.

Use the private key

To access the sites where you have configured the public key generated in the previous step, you have to use your private key. We do this inside PuTTY, the program that connects via SSH.

In PuTTY, the configuration window is where you must indicate the private key that you are going to use to connect via SSH.

Note: The configuration window is the one that appears when you start PuTTY. Initially it allows you to enter the IP of the server you want to connect to, or the domain name of the server.

To configure our key we have to access the “Connection / SSH / Auth” configuration. There you will see a button that lets you browse your hard drive for the private key, to add it to your SSH login.

That is all! You were able to create your SSH key locally and use it to access a remote server. We hope this information has been useful to you!
