skip to primary navigationskip to content
 

SSH Keys: Generation

This quick guide will bring you through creating an SSH key for use with SSH Key Authentication. It assumes you will be using PuTTY. (It is free and simple, so why use anything else?

To create your SSH key, you will need 2 things:

  1. Full installation of PuTTY (specific bit we're interested in is PuTTY Key Generator)
  2. A proper text editor that understands how text files are meant to work (TextPad is one of the authors favourites)

Step 1.

Open PuTTY Key Generator.

Set the "Number of bits in a generated key:" to 2048

Step 2.

Click on "Generate"

(Wiggle the mouse around the window to generate the randomness)

Step 3.

Put a comment into the Key comment field (Something useful like your name)

Input a passphrase that is long, but that you can remember (or at least put into a password manager).

A good one is something like the opening lines to a favoured book.

"The Marley's were dead, to begin with" - The Muppet Christmas Carol

Step 4.

Save your keys:

First, Save Public Key. Give this file a sensible name (no extension)

Next, Save private key. Give this file a sensible name with the extension .ppk

 

Congratulations, you should now have an SSH key pair!

 

Step 5.

Now to make it useful!

NEVER GIVE OUT YOUR PRIVATE KEY AND PASSPHRASE!

However, feel free to send out your Public key to anyone that needs it to grant you access to their systems over SSH.

You can do this by either e-mailing the file, or the text from the file.

Our demonstration file contents looks like this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "New-Key-For-Demonstration"
AAAAB3NzaC1yc2EAAAABJQAAAIEAzs1kQgoqrYs8GkZui4LNmLKSkPoxGFVb7K9+
FvK5o6C9o32TQPDE9kf0D4rFVYhFppqRpLk+hyTuU57z/dzdtK2LhkgIHGQPD9Qf
ttFnIL4bMThNa4zai/+r/c2D2QARyK93TOwyqS2RhAgnnTHjhNZCkMdPGL2gugSI
C4ng3pM=
---- END SSH2 PUBLIC KEY ----

To make it more sensible for SSHing to a Linux Server, it is necessary to edit it slightly. (this is where TextPad comes in handy)

Put in the type of key generated (SSH-2 RSA is listed as ssh-rsa) at the beginning.

remove the bracing around the key (that is the bit with the ---- surrounding it)

Copy the comment in the " "s to clipboard, you will need it in a minute, then remove Comment: " and the trailing ".

Remove all the line breaks from the key.

Now copy the comment to the end of your key.

Once finished it should look something like this (this may wordwrap to fit the window, but it is all on one line in reality!)

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAzs1kQgoqrYs8GkZui4LNmLKSkPoxGFVb7K9+FvK5o6C9o32TQPDE9kf0D4rFVYhFppqRpLk+hyTuU57z/dzdtK2LhkgIHGQPD9QfttFnIL4bMThNa4zai/+r/c2D2QARyK93TOwyqS2RhAgnnTHjhNZCkMdPGL2gugSIC4ng3pM= New-Key-For-Demonstration

This is what gets put into the authorised_keys file in the server.

Simples!

 Step 6.

To now make use of this SSH Key pair, double click on the .ppk file to open in in the PuTTY key agent (pageant)

I tend to put a shortcut to this file in my Startup folder on my desktop machine. It means I am ready to roll when needed.