An SSH key pair consists of a private key, which is a text file that stays on your computer, and a public key, which is an accompanying text file that can be installed on a server. This key pair can be used as an alternative to passwords when connecting via SSH or SFTP. SSH keys allow you to log in to a server without having to type a password and are generally preferred over passwords for security reasons (they are not guessable, and it's more difficult to unintentionally share them).
Generating a Public and Private Key Pair
On macOS and Linux, we can use the ssh-keygen command to get started. On Windows, you can follow these directions as long as the OpenSSH client for Windows is enabled. Just follow along in a PowerShell prompt instead. There are other ways to generate public and private keys using programs like PuTTY on Windows, but that is out of scope for this guide.
In a terminal, enter:
ssh-keygen -t ed25519
Then, hit the enter key. The command will ask for a filename, which you can leave empty if this is your first ssh key pair you're generating on your computer. It will also ask for a password, which you can also leave empty.
It is worth mentioning that specifying the type of key with the -t
flag is important, as by default, ssh-keygen
will generate keys of the RSA type. This key type is now deprecated, and in some cases no longer works properly for some types of connections.
After the key pair has been generated, we can use ls in the .ssh directory to see both the public and private keys.
cd ~/.ssh
ls
You should be able to see an id_ed25519 and id_ed25519.pub file. The id_ed25519 file is your private key and should never be copied to a server or shared with anyone, and id_ed25519.pub is your public key that can be installed on a server.
Viewing and copying your public key
If you happen to be installing a public key on a server manually, need to use it with Reclaim Cloud or ReclaimPress, or need to share it with us at Reclaim, you may have to copy the key to your clipboard. To do this, from a terminal run the following command:
cat ~/.ssh/id_ed25519.pub
This will output the key to your terminal, you can then select the text starting with “ssh-ed25519” and ending with your computer’s name, and copy that text to your clipboard.