Generate SSH Keys

Three steps to generate and install your own SSH keys. Never use a password to log into the Linux server again.

Generate SSH Keys
Photo by Silas Köhler / Unsplash

In today's digital world, securing your access to servers is crucial. One of the most secure and efficient methods is using ED25519 SSH keys. In this guide, I'll walk you through generating these keys and adding the public key to a different server. Let's get started!

Step 1: Generate ED25519 SSH Keys

  1. Open your terminal.
    • The -t ed25519 flag specifies the type of key to generate.
    • The -C flag adds a comment, typically your email address, to help identify the key.
  2. Follow the prompts:
    • You will be asked where to save the new key. Press Enter to accept the default location (~/.ssh/id_ed25519).
    • You can set a passphrase for added security, but it's optional. If you set one, you'll need to enter it whenever you use the key.

Run the following command:

ssh-keygen -t ed25519 -C "your_email@example.com"

Your ED25519 SSH key pair is now generated. The private key is stored in ~/.ssh/id_ed25519, and the public key is in ~/.ssh/id_ed25519.pub.

Step 2: Add the Public Key to a Different Server

On the server you generated the key, grab a copy of the public key from the file.

cat ~/.ssh/id_ed25519.pub

Log in to the remote server:

ssh username@remote_server_ip

Create or open the ~/.ssh/authorized_keys file on the remote server:

mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys

Paste the key into the authorized_keys file.

Make sure the key is on a single line.

Save and close the file (if using nano, press Ctrl+X, then Y, and Enter).

Step 3: Test Your SSH Access

ssh username@remote_server_ip

If everything is set up correctly, you should be able to log in without needing a password.

Conclusion

Congratulations! You've successfully generated an ED25519 SSH key pair and added the public key to a remote server. This setup enhances your server's security and simplifies your login process. Remember to keep your private key secure and consider using a passphrase for additional protection.