SSH Key Pair for Secure Connection

To generate new SSH keys for your GitHub, GitLab or BitBucket repository, or for a remote/web server (for example, so that you can connect to the server securely with an SSH key instead of a username and password), follow the steps below.

Generate new SSH key pair

Go to your home directory, create a .ssh folder, and run the following command in it:

ssh-keygen -t ed25519 -C "<comment>"

You can use another key type, for example rsa:

ssh-keygen -t rsa -b 2048 -C "<comment>"

Follow the prompts and set a passphrase if you like (or just press Enter for no passphrase). You should see something like:

ubuntu@server:~/.ssh$ ssh-keygen -t ed25519 -C "test keys"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/ubuntu/.ssh/id_ed25519): ./test_ssh_key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ./test_ssh_key
Your public key has been saved in ./test_ssh_key.pub
The key fingerprint is:
SHA256:+ZkADVkIG/8rqdbt2ae95rSXGd4IxkYH/4dSe85mUVs test keys
The key's randomart image is:
+--[ED25519 256]--+
|    o..+.        |
|     +oo    .    |
|    . o .    o   |
|       o .  . + E|
|        S  o o ++|
|       . + o* +o+|
|     .o.. +o.+ Xo|
|    .....o oo.* *|
|   ..  .o o==o o |
+----[SHA256]-----+

Two files making up the OpenSSH key pair will be generated: the private key (test_ssh_key) and the public key (test_ssh_key.pub):

ubuntu@server:~/.ssh$ ls -al
total 12
drwx------  2 ubuntu ubuntu 4096 Apr  3 18:15 .
drwxr-x--- 19 ubuntu ubuntu 4096 Apr  3 16:02 ..
-rw-------  1 ubuntu ubuntu  399 Apr  3 18:15 test_ssh_key
-rw-r--r--  1 ubuntu ubuntu   91 Apr  3 18:15 test_ssh_key.pub

Configure SSH to point to a different directory

You can point your SSH client to the specific location of your SSH key pair by adding the private key to ssh-agent, so that every time you connect to a server via SSH your SSH client will try the key from that location:

eval "$(ssh-agent -s)" && \
ssh-add <path to private SSH key>

Put your SSH keys in config file

You can also link your SSH keys to specific servers in the ~/.ssh/config file:

# GitLab.com
Host gitlab.com
  PreferredAuthentications publickey
  IdentityFile ~/.ssh/test_ssh_key

# Private WebServer instance
Host mywebsite.com
  PreferredAuthentications publickey
  IdentityFile ~/.ssh/test_ssh_key

Upload your public SSH key

After you generate the SSH key pair, upload the public key to GitHub, GitLab, BitBucket or the remote server that you want to connect to via SSH using these keys.

The private key must remain with you only. It is used by your SSH client on your local machine (or the machine from which you establish the SSH connection) and should not be shared with anyone or anything.
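A check for the points above, as an added example that is not part of the original page: it audits a key directory for private keys that other local users can access (OpenSSH refuses to use such keys) and for private keys saved without a passphrase. The function names are hypothetical, and it assumes OpenSSH-format private keys and a `base64` that accepts `-d`.

```shell
#!/bin/sh
# Added example: audit a key directory such as ~/.ssh (function names are hypothetical).
# Assumes OpenSSH-format private keys and a base64 that accepts -d (GNU coreutils).

# Print the group/other permission bits of a path, e.g. "------" or "r--r--".
group_other_bits() {
    ls -ld -- "$1" | cut -c5-10
}

# Succeed if an OpenSSH-format private key uses cipher "none" (no passphrase).
# Decoded layout: "openssh-key-v1\0" (15 bytes), 4-byte length, cipher name.
# Keys in the older PEM format are not recognised and are not reported.
is_unencrypted() {
    [ "$(sed '1d;$d' "$1" | base64 -d 2>/dev/null |
        dd bs=1 skip=19 count=4 2>/dev/null)" = "none" ]
}

# audit_ssh_dir DIR: print one line per finding; exit status = number of findings.
audit_ssh_dir() {
    dir=$1
    findings=0
    if [ "$(group_other_bits "$dir")" != "------" ]; then
        echo "DIR   $dir is accessible to group/other (expected mode 700)"
        findings=$((findings + 1))
    fi
    for pub in "$dir"/*.pub; do
        [ -e "$pub" ] || continue
        key=${pub%.pub}              # the private key sits next to its .pub file
        [ -f "$key" ] || continue
        if [ "$(group_other_bits "$key")" != "------" ]; then
            echo "PERM  $key is accessible to group/other (expected mode 600)"
            findings=$((findings + 1))
        fi
        if is_unencrypted "$key"; then
            echo "NOPW  $key is stored without a passphrase"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Usage: audit_ssh_dir "$HOME/.ssh"
```
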

Connect via SSH using your keys

Now you should be able to clone your GitHub repository easily using the simple command:

git clone git@github.com:<account>/<gitrepo>.git

Or you can connect to your remote server (e.g. mywebsite.com):

ssh <username>@mywebsite.com

Otherwise, you can always use the -i parameter with the path to your SSH private key:

ssh -i ~/.ssh/test_ssh_key <username>@mywebsite.com

You can use your SSH private key in any file transfer software (e.g. FileZilla, WinSCP). Please note that WinSCP requires .ppk keys; you can convert your OpenSSH keys to PuTTY (.ppk) keys.

That’s all. Congratulations! Now you will be more protected than ever ))