SSH Key Generation

An SSH key is required when logging in to a system/server remotely to create an encrypted communication channel.

You may also want to review or

We recommend that you use a separate unique SSH Key for each device you use.

In this article:

Mac/Linux/Windows WSL

  1. Open Terminal.

  2. Generate an ed25519 key.

    1 $ ssh-keygen -t ed25519 -C "key comment"

    If you are connecting to servers that don't support ed25519 keys, you can use an RSA key instead.   We recommend at least a 4096 key size.

    1 $ ssh-keygen -t rsa -b 4096 -C "key comment"


  3. When you are prompted to provide a file path, you can press enter to keep the default location:

    1 > Enter a file in which to save the key (/Users/you/.ssh/id_ed25519): [Press enter]


  4. When prompted, type a secure passphrase. We do not recommend having an SSH Key with no password.

    1 2 > Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]


  5. Your public key will now be stored in the path provided above. This is used to provide access to servers; in a terminal, you can get the contents as follows

    1 $ cat ~/.ssh/

    It should look like the following:

    1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9y+8q+tI6IsORfEIbcQdIeEAZIhaKV+5yjo3CAh9dS




  1. If you want to use PuTTY, download the (64-bit) .msi file from the Packages files section. After installation, open PuTTYgen and select Ed25519.


  2. Click Generate and follow the instructions.  After the key has been generated, fill in the Key comment and Key passphrase.  Save the "Public key for pasting into OpenSSH authorized_keys file" in a location you can access later.  You also need to save the private key and public key.


Need help?

Contact the IST Service Desk online or 519-888-4567 ext. 44357.

Article feedback

If you’d like to share any feedback about this article, please let us know.