ssh-keygen — is the simplest tool to generate ssh key. It comes pre-installed in most of Linux distros and Mac.
For windows users the easiest way is to use Git Bash which comes together with Git (even portable) or to use WSL.
If you managed not to have it — it is a part of OpenSSH. For debian branch distros (includes ubuntu) install openssh-client package, on arch openssh.
The basic usage
You’ll be prompted to provide a path where to store generated certificate, with default option pointing to
If your intent is to use the certification for personal identification on current machine accept the default option,
and if the file already exists and you doubt overwriting it just giv it another name staring with
The private key will be written to the path you’ve chosen, the public key will be stored next to it with the
.pub postfix, like on the example below.
For more detailed reference you can refer to ssh-keygen.1 on arch manual manual pages. For a quick reference the most commonly used ones listed below.
-t rsa | dsa | ecdsa | ed25519 encryption type, defaults to
rsa as most commonly used.
-b number key size, for
rsa defaults to 3072, for other algorithms refer to ssh-keygen.1#b.
-C comment typically used for username, defaults to current user. (but still just a comment, don’t have to match any specific user id)
-f filename output file name for private key, the public key will have
.pub appended to filename.
-P passphrase obviously a passphrase