In this article we’ll to use the OpenSSH, for generate a couple of keys, case you don’t know, the OpenSSH is a group of tools that together are a implementation of the SSH protocol,among these tools there is one that allow remote devices encrypted connections since that the involved it supports SSH, how is a safe connection is necessary an authentication, which usually can be do in two ways, it one is typing the user password of the remote device, or using the SSH keys instead typing a password, after this shortly introduction let’s put our hands dirty.

Install the OpenSSH

Probably you already have the OpenSSH installed, but if you haven’t, execute the command below for to install it on Fedora or your spins, if you don’t use Fedora you’ll need to replace the command by correspondent command of your distribution.

sudo dnf install -y openssh

Generate the SSH keys

We’ll use the tool ssh-keygen of OpenSSH for to generate the couple of keys, so execute the command below and remember of replace your@email.com by your email, or by something that you need to use as identification to this key.

ssh-keygen -t rsa -b 4096 -C "your@email.com"

When you to see the option below, I recommend to you to press enter and thus the keys will be to save at default directory $HOME/.ssh.

Enter file in which the key is ($HOME/.ssh/id_rsa):

The next option will be for you configure a password to your key, I recommend to you not typing nothing and press enter, otherwise you’ll need to type the password every times the key is used.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:

The keys was created at directory $HOME/.ssh, one of the keys is the private id_rsa and never should be shown or given to thirds (except if you to know what are you doing), the another is the public key id_rsa.pub it’s that should be sent to the services and devices that we’ve wish to access without explicitly to type a password, the way to send it can change, for example on Github you need to send the public key content by the settings dashboard and on the traditional Linux servers you usually need to include the content of id_rsa.pub in ~/.ssh/authorized_keys file.

How you should already observed these keys are text files and you can visualize it with:

# public
cat ~/.ssh/id_rsa.pub

# private
cat ~/.ssh/id_rsa

These files contains a set of characters that no make a sense to humans(except your email), you should never change they, as it will invalidate the keys and you can’t more connect with the devices accessible until at this moment, to fix it would be necessary generate a new couple of keys and update your public key at every place that you had already configured your public key.

Use SSH together with the authentication by keys, really makes easy our day by day mainly if you need to access many places by SSH, I hope that this tutorial had been useful, see you.

Resources