Connecting to a server with an SSH key is a simple and reliable way of securing network connections. The key allows you to identify the client when connecting to the server without using a password. It is almost impossible to hack such a key because the SSH key is a combination of public and private parts of the key. The public key is stored on the server and is available to anyone who tries to connect to the device. The private key is available only to the user.
The SSH connection method is often used by IT professionals because it is not only reliable but also offers a lot of new options. In this article, we describe how to generate an SSH key quickly and easily.
SSH Key for Windows
There are several options for Windows users to SSH-connect to the server, but the most popular way is to use the Putty client. You can download it from the official website as an installer and a portable version. Download the client, install/unpack it, then run puttygen.exe.
In the first window, the client will show you that there is no SSH key and will offer to generate it. Select the desired type, or keep the defaults, and the client will generate an SSH key that is 2048 bit. Click Generate.
Putty will ask you to move the mouse or press the keys. This is necessary to generate a pseudo-random number pair of public and private keys.
The client will show you that the keys have been generated. Save their keys on the device by clicking the Save public key and Save private key.
After that, you can insert the generated key into the appropriate field to connect to the server. It is important to follow this order to protect against unpleasant surprises like losing the key.
SSH keys for Linux
Linux users can generate a key with the command ssh-keygen. Even if you do not specify any parameters, it will keep everything as it should be. Not only this command can be used in the console but also in its extended versions. For example, the following ones:
- RSA SSH с 4096-bit private key —
ssh-keygen -t rsa -b 4096 -C "RSA 4096 bit Keys"
- DSA SSH с 2048-bit private key —
ssh-keygen -t dsa -b 1024 -C "DSA 1024 bit Keys"
- ECDSA SSH с 521-bit private key —
ssh-keygen -t ecdsa -b 521 -C "ECDSA 521 bit Keys"
- SSH ed25519 (new algorithm added to OpenSSH) —
ssh-keygen -t ed25519
We recommend generating an RSA key pair; they are extremely hard to crack and are therefore recommended by default. The private (secret) key will be stored in ~/.ssh/id_rsa, and the public one is in ~/.ssh/id_rsa.pub. Both files are located in your home directory.
After the command
$ ssh-keygen -t rsa the console will display the following dialog window:
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Once you see this, press Enter. This will save the files in the directory you set by default. In the next step, you will be prompted for a password to further secure your SSH connection.
- > Enter passphrase (empty for no passphrase): [Type a passphrase]
- > Enter same passphrase again: [Type passphrase again]
You can either specify or skip it by pressing Enter.
The key is created and a message appears on the console:
$ cat ~/.ssh/id_rsa.pub to display the keys. It will look something like this:
Paste the copied keys into the required fields. After that, use the command $ ssh root@[server IP address] to check if a connection to the server has been established.