Skip to content

Creating SSH Keys on MacOS or Linux

The standard OpenSSH suite of tools contains the ssh-keygen utility, which is used to generate key pairs. Run it on your local computer:

title='Terminal' ssh-keygen

The utility prompts you to select a location for the keys. By default, the keys are stored in the `~/.ssh` directory with the filenames `id_rsa` for the private key and `id_rsa.pub` for the public key. 

Using the default locations allows your SSH client to automatically find your SSH keys when authenticating, so we recommend accepting them by pressing `ENTER`.
Generating public/private rsa key pair. Enter file in which to save the key (/home/username/.ssh/id_rsa):
!!! note "Important"
    If you have previously generated a key pair, you may see a prompt that looks like this:

    ```
    /home/username/.ssh/id_rsa already exists.
    Overwrite (y/n)?
    ```

    If you choose to overwrite the key on disk, you will not be able to authenticate using the previous key anymore. Selecting yes is an irreversible destructive process.

### Password

Once you select a location for the key, you'll be prompted to enter an optional passphrase which encrypts the private key file on disk.

If you enter one, you will have to provide it **every time** you use this key unless you are running **SSH agent** software that stores the decrypted key. 

We recommend using a passphrase, but you can press `ENTER` to bypass this prompt.
Created directory '/home/username/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again:
Now you have a public and private key that you can use to authenticate.
Your identification has been saved in /home/username/.ssh/id_rsa. Your public key has been saved in /home/username/.ssh/id_rsa.pub. The key fingerprint is: a9:49:EX:AM:PL:E3:3e:a9:de:4e:77:11:58:b6:90:26 username@203.0.113.0 The key's randomart image is: +--[ RSA 2048]----+ | ..o | | E o= . | | o. o | | .. | | ..S | | o o. | | =o.+. | |. =++.. | |o=++. | +-----------------+