SSH-Keygen<\/h2>\n
You can use the man command below to understand the Or you can refer to the ssh-keygen online man page<\/a><\/p>\n Let’s look at different ways and options to generate SSH keys.<\/p>\n Follow the steps given below to create an SSH key.<\/p>\n Open the workstation terminal if you are using a laptop to Desktop.<\/p>\n If you are using a headless server, proceed to the next step.<\/p>\n Execute the following The ssh-keygen<\/strong> command will prompt for the following options.<\/p>\n You’ve successfully created an SSH key pair. You’ll find two files: Let’s take a look at an example The following command generates an SSH key named ssh-key in the Let’s understand the flags.<\/p>\n If you add the Linux username to the key file with For example,<\/p>\n If you don’t want a passphrase and create the keys without a passphrase prompt, you can use the flag Now that you have created the SSH key, you can use it as a server for SSH authentication.<\/p>\n Here is how you can do it.<\/p>\n Use Use the ssh command as given below<\/p>\n If you have saved the SSH key with a different name other than id_rsa to save it to a different location, use the following format.<\/p>\n For example,<\/p>\n SSH (Secure Shell) supports multiple key algorithms for better security. The following are the supported SSH key algorithms.<\/p>\n Choosing the algorithm depends on your security requirements. One real-world example is the Amazon ec2 ssh key pair. It supports ED25519 and 2048-bit SSH-2 RSA keys for Linux instances.<\/p>\n To check the algorithm of an existing key you can use the following command.<\/p>\n You can manually generate the SSH key using the ssh-keygen command. It creates the public and private in the $HOME\/.ssh location.<\/p>\n Yes. If you leave the passphrase prompt empty, the ssh keys get generated without any password. You can also pass the flag -q -N “” to the ssh-keygen command to avoid the prompt.<\/p>\n If you lose your private key, remove its corresponding public key from your server’s Yes, you can use the same public key on multiple servers. You just need to add it to each server’s It is advisable not to use any online services to create SSH keys. As a standard security best practice, use the ssh-keygen command to create the SSH key.<\/p>\n In this guide, we looked at important commands to create SSH public\/private key pairs. It adds a critical layer of security to your Linux systems.<\/p>\n When it comes to SSH keys, always follow the security best practices to avoid private key misuse.<\/p>\n If you are learning Linux, check out the Best Linux Networking and Troubleshooting Commands<\/a>.<\/p>\n Also, If you are starting your journey as a DevOps Engineer, check out my DevOps Engineer Roadmap<\/a>.<\/p>\nssh-keygen<\/code><\/strong> is the utility to create SSH keys. It is part of every Linux and MAC system.<\/p>\nssh-keygen<\/code><\/strong> utility and all available options.<\/p>\nman ssh-keygen<\/code><\/pre>\nSteps to Create an SSH Key<\/h2>\n
Step 1: Open the Terminal<\/h3>\n
Step 2: Generate the Key Pair<\/h3>\n
ssh-keygen<\/code><\/strong> command to generate the SSH key pair. It generates and saves the Keys in the default $HOME\/.ssh<\/code><\/strong> location. By default, the private key is named as id_rsa<\/code><\/strong> , and the public key is named as id_rsa.pub<\/code><\/strong><\/p>\nssh-keygen<\/code><\/pre>\nStep 3: Save the Key<\/h3>\n
\n
$HOME\/.ssh<\/code><\/strong><\/li>\n![\"SSH](\"https:\/\/storage.ghost.io\/c\/5f\/2f\/5f2f4d20-2abf-4534-8d40-7aa233aedd43\/content\/images\/2025\/03\/image-11-28.png\")
<\/figure>\nStep 3: Key Created<\/h3>\n
id_rsa<\/code> (private key) and id_rsa.pub<\/code> (public key), usually in the ~\/.ssh\/<\/code> directory.<\/p>\nGenerate SSH Keys With Custom Options<\/h2>\n
ssh-keygen<\/code> command to generate SSH keys with custom options.<\/p>\n$HOME\/.ssh<\/code> location with username vagrant<\/code> with -C flag and passphrase mysecret<\/code> with -q -P<\/code> flag.<\/p>\nssh-keygen -t rsa -f ~\/.ssh\/ssh-key -C vagrant -b 4096 -q -P \"mysecret\"<\/code><\/pre>\n\n
ssh-keygen<\/code>.<\/li>\n-C<\/code> , you can directly perform SSH without specifying the username in the SSH command.<\/p>\nssh -i ~\/.ssh\/ssh-key 192.81.209.247<\/code><\/pre>\n-q -N<\/code> as shown below.<\/p>\nssh-keygen -t rsa -f ~\/.ssh\/ssh-key -C vagrant -b 2048 -q -N \"\"<\/code><\/pre>\nHow to Use Your SSH Key<\/h2>\n
ssh-copy-id<\/code> command or manually place the id_rsa.pub<\/code> file content into the ~\/.ssh\/authorized_keys<\/code> file on the remote server.<\/p>\nssh username@remote_server<\/code><\/pre>\nssh -i \/path\/to\/private-key-file username@remote_server<\/code><\/pre>\nssh -i ~\/.ssh\/ec2-server.pem ubuntu@34.56.76.34<\/code><\/pre>\nSupported SSH key algorithms<\/h2>\n
\n
ssh-keygen -l -f ~\/.ssh\/id_rsa<\/code><\/pre>\nSSH Key FAQs<\/h2>\n
How do I manually generate SSH keys?<\/h3>\n
Is it possible to use ssh-keygen to create an SSH key without a passphrase?<\/h3>\n
What if I lose my SSH key?<\/h3>\n
authorized_keys<\/code> file and create a new key pair. It is recommended to save the SSH keys in a secret management tool.<\/p>\nCan I use the same SSH key for multiple servers?<\/h3>\n
authorized_keys<\/code> file under ~\/.ssh directory. <\/p>\nHow to create an SSH key online?<\/h3>\n
Conclusion<\/h2>\n