How to create a keypair with OpenSSH KeyGen?

About

Keygen ¹⁾ is a OpenSSH tool that generates a new ssh keypair suitable for public key authentication

How to create a keypair

Install OpenSSH

Install OpenSsh

Start KeyGen

Run ssh-keygen to create a keypair

ssh-keygen -m PEM -t rsa
# or
ssh-keygen -t ed25519

where:

• -t is the algorithm (implementation) (Default to RSA):
  • DSA,
  • RSA,
  • ECDSA,
  • or Ed25519
• -m define the format (By default OpenSSH create private keys in its own format, see the header)
  • RFC4716: RFC 4716/SSH2 public or private key
  • PKCS8: PKCS8 public or private key
  • PEM: PEM public key (openssl format)

Enter a location and a passphrase

Enter a passphrase to protect it, store your passphrase in a keystore client application such as keypass or Bitwarden

Output on Windows:

Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\ngera/.ssh/id_rsa): C:\Users\ngera\.ssh\keyname_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Result

Your identification has been saved in C:\Users\ngera\.ssh\keyname_rsa
Your public key has been saved in C:\Users\ngera\.ssh\keyname_rsa.pub
The key fingerprint is:
SHA256:LKQaKFnxxxxxxxao/RdPNkJ0Yq//Jiaaxxxxxsv93lk username@hostname
The key's randomart image is:
+---[RSA 3072]----+
|     .o o.=  +=o.|
| o   o + * o .+o.|
|  = . o + . o .. |
| xxxxxxxxxxx .   |
|+ o . . S   .    |
|.  o   .     .   |
|  .       xxxxxx |
|      . .. ooo=  |
|       ==o=B+=.. |
+----[SHA256]-----+

where:

• the identification (ie the file keyname_rsa) is the the private key
• the file keyname_rsa.pub is the public key

Next as client

If you are a client, add it to your authentication agent

Example:

ssh-add $env:USERPROFILE\.ssh\keyname_rsa