# Generate and use an SSH key

In this guide you'll learn how to generate an ssh key to connect to other Unix/Linux hosts.

# Using OpenSSH

This is probably what you are using if your station is a Linux or BSD computer. You will probably want a ed25519 key or an RSA 4096 bit key unless you care about local regulations.

Run:

$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):

When prompted for the file to store the key, you can press Enter if you don't have any key yet. If the file exists, it will be overwritten with no recovery possible.

As it is better to use different keys for different users, better use a custom name. The path and name are relative to your current directory. It's best to store your ssh keys in /home/user/.ssh .

For example, the key user for connecting to your host4coins server could be: /home/user/.ssh/id_rsa_h4c

Take also a moment to think about your passphrase. The passphrase protects your key from being used if you leak the private key file. It has to be long and strong.

Then you can resume the interaction with ssh-keygen:

Enter file in which to save the key (/root/.ssh/id_rsa): /home/user/.ssh/id_rsa_h4c
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa_h4c.
Your public key has been saved in /home/user/.ssh/id_rsa_h4c.pub.
The key fingerprint is:
SHA256:z8ETmzQ8GS3dci3N7J51QYPfkIlTV1jEJW1f8qKZdjo user@station
The key's randomart image is:
+---[RSA 4096]----+
|          .o +=/O|
|         ..o*.X+@|
|          B. +.B=|
|         o *  ..B|
|        S *  + o+|
|         o o= ...|
|          o. o   |
|            E    |
|             .   |
+----[SHA256]-----+

Now you have:

  • your passphrase
  • /home/user/.ssh/id_rsa_h4c - the private key to save and never disclose
  • /home/user/.ssh/id_rsa_h4c.pub - the public key

When asked for your ssh key to connect to some service, you give the content of the public key.

Then, to connect to "server" using your key as user "user", type:

ssh -i .ssh/id_rsa_h4c user@server

You will then be prompted for your passphrase.