Article

Table of Contents
Theme:
Was this article helpful?

3  out of  5 found this helpful

Try Vultr Today with

$50 Free on Us!

Want to contribute?

You could earn up to $300 by adding new articles!

How Do I Generate SSH Keys?

Last Updated: Wed, Sep 9, 2020
FAQ Quickstart Guides Security

An SSH key allows you to log into your server without a password. This guide describes how to create SSH keys using a Linux, Mac, or Windows workstation in OpenSSH format, suitable for use with Vultr server instances.

Create an SSH Key with OpenSSH

OpenSSH is standard and should be present on macOS and most Linux distributions. We also have installation instructions for Windows 10 users. Follow these steps to create an SSH key with the OpenSSH utilities.

  1. Generate your key with ssh-keygen using these parameters:

    • Generate an RSA format key with the -t rsa parameter.
    • For a more secure 4096-bit key, use the -b 4096 parameter.
    • To enter a comment, use the -C [comment] parameter.

    Example:

     $ ssh-keygen -t rsa -b 4096 -C "Example comment"
    
  2. Press ENTER to save the key in the default location. By default, the keys are stored in the ~/.ssh directory. Using the default filename is convenient because most SSH clients automatically use the default filenames of id_rsa for the private key and id_rsa.pub for the public key.

    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/example_user/.ssh/id_rsa):
    
  3. You may enter a passphrase for your key. We recommend using a passphrase, but you can press ENTER to bypass this prompt. If you use a passphrase, you will enter it each time you use the key unless you also use ssh-agent.

    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    
  4. Your key is generated and saved.

    Your identification has been saved in /home/example_user/.ssh/id_rsa.
    Your public key has been saved in /home/example_user/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:J3gbQu5GcqB8/9UXwhjYGXJrFSrb1jJJTEBwpaqF/p0 Example comment
    The key's randomart image is:
    +---[RSA 4096]----+
    |      .o=o= o.   |
    |       . O *     |
    |    . . + X      |
    | . . = o * *     |
    |  o + O S O + .  |
    |   o O o * + . . |
    |    o + . . . .  |
    |     o o o   .   |
    |      . E        |
    +----[SHA256]-----+
    
  5. The default filename for the public key is /home/example_user/.ssh/id_rsa.pub on Mac and Linux, or C:\Users\example_user.ssh\id_rsa.pub on Windows.

  6. Make sure you backup the private key, ~/.ssh/id_rsa. The key cannot be recovered if lost.
  7. View the contents of the file.

    Mac and Linux:

    $ cat /home/example_user/.ssh/id_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2EAAAA
    ...
    ...
    ...
    B31qRacQThmVw== Example comment
    

    Windows:

    C:\> type C:\Users\example_user\.ssh\id_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2EAAAA
    ...
    ...
    ...
    B31qRacQThmVw== Example comment
    
  8. Copy the key to your clipboard if you want to add it to your Vultr account.

  9. Before connecting to an existing server with your SSH key, you'll need to add the public portion to the authorized_keys file.

Install OpenSSH on Windows 10

The OpenSSH client is an installable component for Windows 10 1809.

  1. Launch Settings then go to Apps > Apps and Features > Manage Optional Features.
  2. Scan this list to see if OpenSSH Client is already installed. If not, then click Add a feature.
  3. Locate OpenSSH Client, then click Install.
  4. Optionally, you can also install OpenSSH Client with PowerShell.

Once you've installed OpenSSH, follow the instructions above to create your SSH key.

Create an SSH Key on Windows with PuTTYgen

PuTTYgen is part of the PuTTY suite of utilities. It is available for all versions of Windows.

  1. Download the latest version of the PuTTY utilities. We recommend the MSI Windows Installer package.
  2. Install the package and run PuTTYgen.
  3. At the bottom of the program window, select RSA for the key type.
  4. In the lower-right corner, set the number of bits for your key. 2048-bit keys are reasonably safe, and 4096-bit keys are very secure.
  5. Click the Generate button. Move the mouse in the blank area to generate some random data.
  6. Enter a Key comment to make the key easier to identify later.
  7. The private key must be kept secure from unauthorized use. We recommend entering a Key passphrase to protect the SSH key.
  8. Click Save private key and store it securely. It is not possible to recover this file if it is lost. This file is your public/private key pair in PuTTY format. You can re-import this file with PuTTYgen in the future to export or convert the format of your public key.
  9. Click Conversions > Export OpenSSH key. Save this file and store it securely. This file is your private SSH key in OpenSSH format. You may need this file if you use an SSH client other than PuTTY.
  10. Select the text in the Public key for pasting into OpenSSH authorized_keys file box and save it to a file. This is your public key in OpenSSH format. If you want to add this key to your Vultr account, you'll also copy and paste this into the Customer Portal.

More Information

For more information about managing SSH keys, see our other guides:

Want to contribute?

You could earn up to $300 by adding new articles