How to create a keypair with OpenSSH KeyGen?
About
Keygen 1) is a OpenSSH tool that generates a new ssh keypair suitable for public key authentication
How to create a keypair
Install OpenSSH
Start KeyGen
Run ssh-keygen to create a keypair
ssh-keygen -m PEM -t rsa
# or
ssh-keygen -t ed25519
where:
- -t is the algorithm (implementation) (Default to RSA):
- DSA,
- RSA,
- ECDSA,
- or Ed25519
- -m define the format (By default OpenSSH create private keys in its own format, see the header)
- RFC4716: RFC 4716/SSH2 public or private key
- PKCS8: PKCS8 public or private key
- PEM: PEM public key (openssl format)
Enter a location and a passphrase
Enter a passphrase to protect it, store your passphrase in a keystore client application such as keypass or Bitwarden
Output on Windows:
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\ngera/.ssh/id_rsa): C:\Users\ngera\.ssh\keyname_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Result
Your identification has been saved in C:\Users\ngera\.ssh\keyname_rsa
Your public key has been saved in C:\Users\ngera\.ssh\keyname_rsa.pub
The key fingerprint is:
SHA256:LKQaKFnxxxxxxxao/RdPNkJ0Yq//Jiaaxxxxxsv93lk username@hostname
The key's randomart image is:
+---[RSA 3072]----+
| .o o.= +=o.|
| o o + * o .+o.|
| = . o + . o .. |
| xxxxxxxxxxx . |
|+ o . . S . |
|. o . . |
| . xxxxxx |
| . .. ooo= |
| ==o=B+=.. |
+----[SHA256]-----+
where:
- the identification (ie the file keyname_rsa) is the the private key
- the file keyname_rsa.pub is the public key
Next as client
If you are a client, add it to your authentication agent
Example:
ssh-add $env:USERPROFILE\.ssh\keyname_rsa