SSH keys are an easy way to identify trusted computers, without involving passwords. The steps below will walk you through generating an SSH key and adding the public key to the server.
Check for existing SSH Keys
First, check for existing SSH keys on your computer. Open Git Bash, Cygwin, or Terminal, etc. and enter the following command
# List all the files in your .ssh directory, if it exists
$ ls -al ~/.ssh
Check the directory listing to see if you already have a public SSH key. By default, the filenames of the public keys are typically one of the following
id_dsa.pub
is_ecdsa.pub
id_ed25519.pub
id_rsa.pub
If you see an existing public and private key pair listed (for example id_rsa.pub and id_rsa) that you'd like to use, you can skip ahead to adding your key to the ssh-agent.
Generate a new SSH key
With your command line tool still open, enter the text shown below. Make sure you substitute in your email address
# Create a new ssh key, using the provided domain username and computer name as a label
$ ssh-keygen -t rsa -b 4096 -C "mcflym@N123456"
Generating public/private rsa key pair.
You'll be asked to enter a passphrase, or simply press Enter for no passphrase
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
After you enter a passphrase (or just press Enter twice), review the fingerprint, or 'id' of your SSH key
Your identification has been saved in /Users/username/.ssh/id_rsa.
Your public key has been saved in /Users/username/.ssh/id_rsa.pub.
The key fingerprint is:
nss2VhNB0Y62VIToM+/qYe3HS4TPXmrhuBxjUz4l/I8= your@email.com
Add your key to the ssh-agent
To configure the ssh-agent program to use your SSH key, first ensure ssh-agent is enabled.
# start the ssh-agent in the background
$ eval $(ssh-agent -s)
Agent pid 59566
If you are using Git Bash, enable the ssh-agent with command shown below instead
# start the ssh-agent in the background
$ eval `ssh-agent`
Agent pid 59566
Then, add your SSH key to the ssh-agent
$ ssh-add ~/.ssh/id_rsa
Add your SSH key to the server
To add your public SSH key to the server, you'll copy the public SSH key you just created to the server. Substitute "username" with your username on the server, and "server.address.com" with the domain address or IP address of your server
$ cat ~/.ssh/id_rsa.pub | ssh username@server.address.com 'cat >> ~/.ssh/authorized_keys'
The server will then prompt you for your password. Type in the password you created when you generated a new ssh key (or just press enter if you did not add a password)
username@server.address.com's password:
That's it! π You should now be set up to connect to the server without having to authenticate.
Top comments (0)