SSH is used for the validation and authenticating the users with the use of key value pairs like private and public keys. Such keys are generated by using the ssh-keygen command. You are able to generate different types of keys like RSA, DSA and so on.
Here at LinuxAPT, we shall look into the process of using the ssh-keygen command to generate different keys which authenticates the public and private keys used by SSH.
How to use ssh-keygen ?
With ssh-keygen command, you can generate different types of keys like RSA, DSA and so on.
RSA keys;
- $HOME/.ssh/id_rsa: RSA authentication identity file of the user. It is only readable by the user.
- $HOME/.ssh/id_rsa.pub: RSA public key file for the authentication.
DSA keys;
- $HOME/.ssh/id_dsa: DSA authentication identity file of the user. It is only readable by the user.
- $HOME/.ssh/id_dsa.pub: DSA public key file for the authentication.
Using ssh-keygen to create RSA keys
Here, ssh-keygen is used to create RSA keys for authentication. By default, if you just use the ssh-keygen command, it generates the rsa keys. Let’s generate the rsa keys by executing the command:
$ ssh-keygen -t rsa
Or
$ ssh-keygen
Here, both the public key i.e id_rsa.pub and private key i.e id_rsa are saved in the default location that is $HOME/.ssh/.
As the public key needs to be copied to the remote server so the user can login with the SSH authentication. It is copied to the $HOME/.ssh/authorized_keys file of the remote server. Let’s check the public key generated with the above command:
$ cat id_rsa.pub
Simply copy this public key and paste it to this location: $HOME/.ssh/authorized_keys file of the remote server for the authentication.
Using ssh-keygen to create DSA keys
Likewise, DSA keys can also be created with simple change in the command. By default, if you just use the ssh-keygen command, it generates the rsa keys. But to generate DSA keys, simply put -t dsa as an argument in the command. For further details, you can execute the command:
$ ssh-keygen -t dsa
Both the public key i.e id_dsa.pub and private key i.e id_dsa are also saved in the default location that is $HOME/.ssh/.
You can simply copy the public key to the remote server for the user to login with the SSH authentication. It is copied to the $HOME/.ssh/authorized_keys file of the remote server. Let’s check the public key generated with the above command:
$ cat id_dsa.pub
Copy this public key and paste it to this location: $HOME/.ssh/authorized_keys file of the remote server for the authentication.
[Need help in fixing Linux SSH issues ? We can help you. ]
Conclusion
This article covers how to generate different types of keys like RSA, DSA for authentication and connect to the different remote servers by copying the public key to the $HOME/.ssh/authorized_keys file of the remote server.