Public and private SSH key pair can be used for public key authentication method in SSH. A keypair could optionally be protected by a passphrase. If no passphrase is set on the public and private SSH key pair, a public key authentication method could be used to automate remote command execution and file transfer.
You can create public and private SSH key pair using the ssh-keygen program. ssh-keygen is normally bundled with SSH client packages and is included in most Linux distributions by default.
You can create an SSH key pair by running ssh-keygen at the terminal.
$ ssh-keygen Generating public/private rsa key pair.
ssh-keygen will generate a 2048 bit rsa key pair if no option is specified. You can change the key's bit size and type by using -b and -t options respectively as the following example.
$ ssh-keygen -b 521 -t ecdsa
Possible values for key types are dsa, ecdsa, ed25519 and rsa.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Default location is in the .ssh folder in your home directory and default filename is id_<key_type>.
Enter passphrase (empty for no passphrase): Enter same passphrase again:
Don't enter any passphrase if you want to use the key for passwordless SSH login
Related: How to SSH without password
Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The public key will have .pub extension appended to the file name
The key fingerprint is: SHA256:iiaD/fAzINYAP1MSUD3r0J9750Gpb1MMRvlERe2Yu+c user@host The key's randomart image is: +---[RSA 3072]----+ |.ooo o.oo. | |. . + o . .| |.. + o . o + | | .= o o.. o .| | o= . .S.oo . | |.+....o. o o . | |o.=.o ... .. . | | Bo . ..+. . .| | oo . +o. oE| +----[SHA256]-----+
$ ls -l ~/.ssh/id_rsa* -rw------- 1 user user 2590 Sep 29 11:22 /home/user/.ssh/id_rsa -rw-r--r-- 1 user user 563 Sep 29 11:22 /home/user/.ssh/id_rsa.pub
Note that the private key (/home/user/.ssh/id_rsa) has a very strict permission where only the owner has read and write permission whereas group and other users doesn't have any permissions associated to them.
|Red Hat Enterprise Linux|
|SUSE Linux Enterprise Server|
Comment anonymously. Login not required.