An SSH key is required when logging in to a system/server remotely to create an encrypted communication channel.
You may also want to review How to use SSH Authman - for users or Setting up SSH Authman - for server owners
We recommend that you use a separate unique SSH Key for each device you use.
In this article:
Mac/Linux/Windows WSL
Open Terminal.
Generate an ed25519 key.
$ ssh-keygen -t ed25519 -C "key comment"
If you are connecting to servers that don't support ed25519 keys, you can use an RSA key instead. We recommend at least a 4096 key size.$ ssh-keygen -t rsa -b 4096 -C "key comment"
When you are prompted to provide a file path, you can press enter to keep the default location:
> Enter a file in which to save the key (/Users/you/.ssh/id_ed25519): [Press enter]
When prompted, type a secure passphrase. We do not recommend having an SSH Key with no password.
> Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]
Your public key will now be stored in the path provided above. This is used to provide access to servers; in a terminal, you can get the contents as follows
$ cat ~/.ssh/id_ed25519.pub
It should look like the following:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9y+8q+tI6IsORfEIbcQdIeEAZIhaKV+5yjo3CAh9dS user@example.host
Windows
PuTTY
If you want to use PuTTY, download the (64-bit) .msi file from the Packages files section. After installation, open PuTTYgen and select Ed25519.
Click Generate and follow the instructions. After the key has been generated, fill in the Key comment and Key passphrase. Save the "Public key for pasting into OpenSSH authorized_keys file" in a location you can access later. You also need to save the private key and public key.
Related articles
Need help?
Contact the IST Service Desk online or 519-888-4567 ext. 44357.
Article feedback
If you’d like to share any feedback about this article, please let us know.