Contact
Site: US UK AU |

How to create SSH keys in macOS and Linux

How to create SSH keys in macOS and Linux

Overview
This article explains how you can create SSH keys to restrict and manage user access to a Linux server.

Background

This article's scope is limited to macOS and Linux. 

SSH keys are a means of authenticating a user to an SSH server without using a password. Each “key” is actually a key pair consisting of a public key and a private key. Keys are more secure than passwords because they are significantly more complex. While a password of eight characters is 72 bits long, SSH keys are often 2048 bits or longer. This longer string has many more possible permutations and therefore takes much more time to crack with a brute force attack.

If you require SSH access for multiple users, the use of SSH keys instead of individual logins can bypass many of the headaches involved in user management without violating PCI DSS. See What are the advantages of using SSH keys to control access for multiple users? for details.

Procedure

The process involves generating a pair of SSH key files containing a private key and a public key. The private key is known only to the user’s computer; the public key will be known to the server. Each key is useless without the other; therefore, only individuals with both the private and the public key can gain access to the server, and the private key is never revealed to the server.

Users should take special care to not lose the private key. A lost private key cannot be replicated; therefore, the user cannot access the server until an administrator generates a new key pair. If you lose access to your server due to a lost key, contact our Support Team for assistance.

1: Create and save the SSH key files

  1. Issue the ssh-keygen command, see the example below:

    test@demo:~$ ssh-keygen -t rsa -b 4096

    Generating public/private rsa key pair.

    Enter file in which to save the key (/home/test/.ssh/id_rsa):

    Created directory '/home/test/.ssh'.

    Enter passphrase (empty for no passphrase):

  2. The keys save to the default location or, if one was specified, in a separate file. Choose one:
    • If you do want a passphrase, type it now and hit Enter. Type the passphrase again when prompted.
    • If you do not want a passphrase, hit Enter twice in succession without entering a passphrase.

  3. You will now see the identification fingerprint for the SSH key. This image is automatically generated.

2: Transfer the public key file to the receiving server

  • If you are a Nexcess Cloud clientlog in to your Client Portal to add the key. If you cannot find your login credentials, either click Forgot Password? on the login page, or contact our Support Team.  
  • If you are not a Nexcess Cloud client, the easiest method of transfer uses the ssh-copy-id command

    Run the ssh-copy-idcommand with the same arguments used for connecting to the server using the ssh command:

    ssh-copy-id user@hostname.com

3:Test the connection

  1. Issue the following command:

    ssh user@hostname.com

  1. Select Yes to accept the key fingerprint.

  2. Attempt to log in to the server. If ssh key authentication is functioning properly, you will log in successfully.

  3. If prompted, type the passphrase created in 1: Create and save the SSH key files.


For 24-hour assistance any day of the year, contact our Support Team by email or through the Client Portal.

Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
 
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to view shared secure data in your Client Portal
Added on Wed, Dec 5, 2018
How to secure your WordPress site
Added on Mon, Jul 20, 2015
How to change your Client Portal password
Added on Mon, May 21, 2018
How to improve the security of your Magento store
Added on Wed, Nov 12, 2014
How to patch your Magento store
Added on Mon, Jan 11, 2016
What are file and directory permissions?
Added on Wed, Nov 12, 2014
How to reset your SSH password and add SSH keys in SiteWorx
Added on Wed, Feb 8, 2017
How to create a secure password
Added on Wed, Nov 12, 2014
How to install OpenVPN
Added on Fri, Mar 17, 2017
How to add SSH keys to your Nexcess Cloud account
Added on Tue, Oct 23, 2018