Skip to content

Creating SSH Keys on MacOS or Linux

The standard OpenSSH suite of tools contains the ssh-keygen utility, which is used to generate key pairs. Run it on your local computer:

Terminal
ssh-keygen

The utility prompts you to select a location for the keys. By default, the keys are stored in the ~/.ssh directory with the filenames id_rsa for the private key and id_rsa.pub for the public key.

Using the default locations allows your SSH client to automatically find your SSH keys when authenticating, so we recommend accepting them by pressing ENTER.

Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):

Important

If you have previously generated a key pair, you may see a prompt that looks like this:

/home/username/.ssh/id_rsa already exists.
Overwrite (y/n)?

If you choose to overwrite the key on disk, you will not be able to authenticate using the previous key anymore. Selecting yes is an irreversible destructive process.

Password

Once you select a location for the key, you'll be prompted to enter an optional passphrase which encrypts the private key file on disk.

If you enter one, you will have to provide it every time you use this key unless you are running SSH agent software that stores the decrypted key.

We recommend using a passphrase, but you can press ENTER to bypass this prompt.

Created directory '/home/username/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Now you have a public and private key that you can use to authenticate.

Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
a9:49:EX:AM:PL:E3:3e:a9:de:4e:77:11:58:b6:90:26 username@203.0.113.0
The key's randomart image is:
+--[ RSA 2048]----+
|     ..o         |
|   E o= .        |
|    o. o         |
|        ..       |
|      ..S        |
|     o o.        |
|   =o.+.         |
|. =++..          |
|o=++.            |
+-----------------+