A SSH key can be used as a means of identification, fx. when logging into a cloud-server. It is considered a very safe way of identifying yourself.

A SSH-key consists of two files – an id_rsa and a id_rsa.pub.

The id_rsa is your private key, which you should never share with anyone. The id_rsa.pub is your public key, which you can share with anyone who wants to grant you access to their systems. 

Prerequisites

Let's start by checking your current ssh system status. Open terminal (if you're running Windows 10, you should use bash in the Linux Subsystem) and type:

cd ~/.ssh

If you did already have an .ssh folder, you might want to check if it also already contains a key. Type:

ls -Fla

If the file listing shows you already have an id_rsa and id_rsa.pub file, you should be able to use these rather than creating new ones. You may also delete the existing ones, but be very careful – you might be using them to access secured systems somewhere. Take your time to investigate this, before you move on.

If you get a warning, then you don't have the .ssh folder already. You can then create it by typing:

mkdir ~/.ssh

Create your SSH key

In terminal type:

ssh-keygen -t rsa -b 4096 -C "#YOUR-EMAIL#"

Should look something like this:

ssh-keygen -t rsa -b 4096 -C "martin@parentnode.dk"

The process is going to ask you to save in the default location. Press [ENTER] to confirm.

It will also ask for a passphrase. Use a secure password for your passphrase to increase the security of your new SSH key.

For Windows users

If you have generated your SSH-key via the Linux Subsystem, your id_rsa and id_rsa.pub will now be located deep down in the belly of the file system, which is impractical. 

To make the files more easily available in Windows, you can copy your .ssh folder into your Windows user folder. Make sure that an .ssh folder does not already exist in your Windows user folder, and run the following command in bash:

cp -r ~/.ssh /mnt/c/Users/#username#/

Before Windows 10, the preferred method for creating SSH-keys on Windows was the program PuTTY, which uses a different key file format (.ppk) than the standard OpenSSH format. 

Certain Windows programs, notably HeidiSQL, use the PuTTY format, so you might need to download PuTTY in order to convert your SSH-key into .ppk format.

Trouble shooting

In case you are experiencing any problems with your new key, you might want to check the file-permissions, which is a common cause of problems. By running the following three commands, you are resetting the permissions to SSH key standard.

chmod 700 ~/.ssh chmod 644 ~/.ssh/id_rsa.pub chmod 600 ~/.ssh/id_rsa