How to Create SSH Keys with OpenSSH on MacOS or Linux | DigitalOcean Documentation (2024)
Validated on 28 Aug 2019 • Last edited on 16 Feb 2024ssh
DigitalOcean Droplets are Linux-based virtual machines (VMs) that run on top of virtualized hardware. Each Droplet you create is a new server you can use, either standalone or as part of a larger, cloud-based infrastructure.
If you’re struggling with SSH and server management, try our managed products Cloudways and App Platform. Cloudways deploys pre-installed software stacks onto Droplets, and App Platform deploys and scales apps directly from your code repository, along with databases and serverless functions, no SSH or server administration required.
The standard OpenSSH suite of tools contains the ssh-keygen utility, which is used to generate key pairs. Run it on your local computer to generate a 2048-bit RSA key pair, which is fine for most uses.
The utility prompts you to select a location for the keys. By default, the keys are stored in the ~/.ssh directory with the filenames id_rsa for the private key and id_rsa.pub for the public key. Using the default locations allows your SSH client to automatically find your SSH keys when authenticating, so we recommend accepting them by pressing ENTER.
Generating public/private rsa key pair.Enter file in which to save the key (/home/username/.ssh/id_rsa):
Warning
If you have previously generated a key pair, you may see a prompt that looks like this:
If you choose to overwrite the key on disk, you will not be able to authenticate using the previous key anymore. Selecting yes is an irreversible destructive process.
Once you select a location for the key, you’ll be prompted to enter an optional passphrase which encrypts the private key file on disk.
If you enter one, you will have to provide it every time you use this key (unless you are running SSH agent software that stores the decrypted key). We recommend using a passphrase, but you can press ENTER to bypass this prompt.
Created directory '/home/username/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again:
This is the last step in the creation process. You now have a public and private key that you can use to authenticate.
Your identification has been saved in /home/username/.ssh/id_rsa.Your public key has been saved in /home/username/.ssh/id_rsa.pub.The key fingerprint is:a9:49:EX:AM:PL:E3:3e:a9:de:4e:77:11:58:b6:90:26 [emailprotected]The key's randomart image is:+--[ RSA 2048]----+| ..o || E o= . || o. o || .. || ..S || o o. || =o.+. ||. =++.. ||o=++. |+-----------------+
Create an RSA key pair by issuing a command on the host that is similar to this command: ssh-keygen -t rsa. You can also create a valid ECDSA key pair for authentication: ssh-keygen -t ecdsa. ...
Associate the public key with a user on the clustered system using the management GUI.
By default, the keys are stored in the ~/.ssh directory with the filenames id_rsa for the private key and id_rsa. pub for the public key. Using the default locations allows your SSH client to automatically find your SSH keys when authenticating, so we recommend accepting them by pressing ENTER .
An SSH2 public key in OpenSSH format will start with "ssh-rsa". The idea behind all of this is that once you have keys on the remote server and your local host, access will be simpler since the server will only grant access to someone who has the matching private key.
VMs accept the key formats listed in the sshd_config file. On Linux and macOS workstations, use the ssh-keygen utility to create a new SSH key pair. The following example creates an RSA key pair. Open a terminal and use the ssh-keygen command with the -C flag to create a new SSH key pair.
Address: 2865 Kasha Unions, West Corrinne, AK 05708-1071
Phone: +3512198379449
Job: Design Planner
Hobby: Graffiti, Foreign language learning, Gambling, Metalworking, Rowing, Sculling, Sewing
Introduction: My name is Dong Thiel, I am a brainy, happy, tasty, lively, splendid, talented, cooperative person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.