Skip to main content

Generate a SSH key

SSH keys

SSH keys offer a significant security advantage over logging in with user name and password and are therefore standard for the virtual (Linux) servers of ZfN.

The SSH key consists of a private and a public key. The private key is equivalent to a password and must therefore be kept safe - it should not be stored on a server. The public key is copied to the servers you want to access. You (usually) only need one SSH key, regardless of the number of servers.

The key pair is generated on your workstation or notebook, not on the server.

If several people have access to one server, each person generates his or her own key. The public keys are added to the file /root/.ssh/authorized_keys on the server - one key per line.

Gernerate a SSH Key

Linux: ssh-keygen

Open a command line (or terminal window) and type the following command:

ssh-keygen -t ed25519

Alternatively, you may use an RSA key ("-t rsa").

SSH-keygen asks for the location of the key (usually in ~/.ssh, the suggested file name is useful) and a password for the key. The key password should be set for security reasons.

Two files are generated: the private and the public key, the latter has the extension ".pub" and can be displayed as follows (if you have accepted the suggested file name)

cat ~/.ssh/id_ed25519.pub

or for RSA keys:

cat ~/.ssh/id_rsa.pub

When creating a new virtual machine, copy the contents of the .pub file to the fiels "SSH public key".

Windows: putty

The Windows program Putty contains both an SSH client and the key generator "puttygen". Putty can be downloaded as Windows installation package:

https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

After the installation you start "puttygen" and create a new SSH key:

  • Select type (at the bottom): RSA or ED25519
  • click on "Generate"
  • insert a comment (the email address has proven to be useful here)
  • set a password for the key - for security reasons this is highly recommended
  • save private key and public key
  • copy the public key (or the value from the field "Public key for pasting into OpenSSH authorized_keys file") into the web form to create a new virtual server.

For detailed instructions on using SSH keys in Putty, click here:
https://the.earth.li/~sgtatham/putty/0.74/htmldoc/Chapter8.html