SSH Key
SSH Key is an access credential in the SSH protocol (Secure Shell). A secure shell is an encrypted secure network protocol that is used for remote communication between machines. SSH is also used for network management, remote file transfer, and remote operating system access.
SSH keys always come in pairs. It uses those pair of keys to initiate a secure handshake between remote machines.
The SSH key pair contains a public and a private key, which are types of keys.
- Public key, also called authorized keys, is used to determine who can access each system.
- Private key, also called identity key, is used to identify users and gives them access.
It can be a little difficult to make the difference between public and private keys. To overcome this confusion, you can think of the public key as a "lock" and the private key as the "key". The public key "key" will be given to remote parties to encrypt data. This data can be opened using the private key "key", which is saved in a secure place.
How to generate an SSH Key
SSH keys are created using a public key cryptographic algorithm. The most common algorithm used to generate SSH Keys are RSA and DSA. The generation of SSH keys is based on a mathematical formula, a one-way function that takes 2 prime numbers and a random seed variable to generate the public and private keys. The one-way function guarantees that the public key can be obtained from the private key, but the opposite is impossible; the private key cannot be obtained from the public key.
The key generation tool is used to create SSH keys. The SSH command-line tool suite incorporates a keygen tool.
Create an SSH Key on Mac And Linux
As both OsX and Linux operating systems have modern terminal applications that include the SSH suite preinstalled. The process of creating an SSH key is the same in both operating systems.
Open a command terminal and execute the following command.
$ ssh-keygen -t rsa -b 4096 -C "you_email@email.com"The above command will generate a new SSH key using the email as a label.
Then, you will be prompted to choose where to save the key.
You can indicate a file location or press "Enter" to accept the default location
> Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]The next prompt will demand a secure passphrase.
A passphrase is an additional security layer to the SSH and will be asked anytime the SSH key is used. The passphrase mechanism is used to prevent when someone gains access to the computer; they could also gain access to any system using that key.
> Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]After choosing a passphrase, a new SSH key will be generated at the specified location.
Add the new SSH key to the ssh-agent
The ssh-agent is a program included in the SSH tool suite. It is responsible for holding private keys, and it also arranges requests to sign SSH requests with the private keys so that private keys are never passed unsecured.
Before adding the new SSH key to the ssh-agent, first, we should check if the ssh-agent is running by executing the following command:
$ eval "$(ssh-agent -s)" > Agent pid 569If the ssh-agent is running, the following command will add the new SSH key to the ssh-agent.
$ ssh-add -k /Users/you/.ssh/id_rsaNow the new SSH key is registered and ready to be used.
Create an SSH Key on Windows
Windows operating system does not have a standard Unix shell. You will need to install an external shell program to create an SSH key on Windows. The common option is to use Git Bash. Once Git Bash is installed, you can follow the same steps for Linux and Mac.