ssh-keygen Command Explained with Example in Linux

SSH is used for the validation and authenticating the users with the use of key value pairs like private and public keys. Such keys are generated by using the ssh-keygen command. You are able to generate different types of keys like RSA, DSA and so on.

In this article, we are going to discuss the process of using the ssh-keygen command to generate different keys which authenticates the public and private keys used by SSH. We are going to demonstrate it on Ubuntu 20.04 LTS server.

Use of ssh-keygen

At the time of using the ssh-keygen command, you are able to generate different types of keys like RSA, DSA and so on. So firstly let’s understand those keys with the help of points discussed below.

Sponsored
• $HOME/.ssh/id_rsa: RSA authentication identity file of the user. It is only readable by the user.
• $HOME/.ssh/id_rsa.pub: RSA public key file for the authentication.

Such Public key files are copied to the remote server so the user can login with the SSH authentication. It is copied to the $HOME/.ssh/authorized_keys file of the remote server.

• $HOME/.ssh/id_dsa: DSA authentication identity file of the user. It is only readable by the user.
• $HOME/.ssh/id_dsa.pub: DSA public key file for the authentication.

ssh-keygen to create RSA keys

Here, ssh-keygen is used to create RSA keys for authentication. By default, if you just use the ssh-keygen command, it generates the rsa keys. Let’s generate the rsa keys by executing the command as shown below.

$ ssh-keygen -t rsa

Or

$ ssh-keygen

After executing the above command, you will see the similar output as below.

Here, both the public key i.e id_rsa.pub and private key i.e id_rsa are saved in the default location that is $HOME/.ssh/.

As the public key needs to be copied to the remote server so the user can login with the SSH authentication. It is copied to the $HOME/.ssh/authorized_keys file of the remote server. Let’s check the public key generated with the above command.

$ cat id_rsa.pub

Simply copy this public key and paste it to this location: $HOME/.ssh/authorized_keys file of the remote server for the authenticaton.

ssh-keygen to create DSA keys

Likewise, DSA keys can also be created with simple change in the command. By default, if you just use the ssh-keygen command, it generates the rsa keys. But to generate DSA keys, simply put -t dsa as an argument in the command. For further details, you can execute the command as shown below.

$ ssh-keygen -t dsa

When you execute the above command, you can get the output as:

Both the public key i.e id_dsa.pub and private key i.e id_dsa are also saved in the default location that is $HOME/.ssh/.

You can simply copy the public key to the remote server for the user to login with the SSH authentication. It is copied to the $HOME/.ssh/authorized_keys file of the remote server. Let’s check the public key generated with the above command.

$ cat id_dsa.pub

Copy this public key and paste it to this location: $HOME/.ssh/authorized_keys file of the remote server for the authenticaton.

Conclusion

In this article, you have learnt how to generate different types of keys like RSA, DSA for authentication and connect to the different remote servers by copying the public key to the $HOME/.ssh/authorized_keys file of the remote server. Thank you!