Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Computing / Hackathon Resources / Generating an SSH Key

Generating an SSH Key

Introduction

SSH keys are used in place of passwords to authenticate users in certain situations.  One of those use cases includes interactions with remote Git repositories (hosted at GitHub, biof-git, etc.).  Keys tend to be more secure than passwords because they're much longer and harder to duplicate, but a little working knowledge of the components that go into SSH keys helps understand it better. 

The keys that are most commonly used today are called RSA keys.  RSA is a crypto mechanism that has been thoroughly tested and is known to be secure.  Without going into too much detail, there is a public component of every key as well as a private component.  The host you're trying to connect to uses your public key to encrypt traffic going to your local computer, and only the private key can decrypt the data.  That being said, you can give your public key (pubkey) to anyone and the most they could do with it is grant you access to their machine.  You should NEVER give out the private key though. Read on to find out how to generate these key pairs on different operating systems.

Generating a keypair for Windows

Generating a keypair on Windows is actually exactly the same as using Linux or OS X assuming you're using Git Bash (a wrapper for Cygwin that enhances its functionality and pulls in Git dependencies).  You can download the installer here.  I recommend using all of the default install options.  Once you have installed Git Bash and can launch it, follow the Linux or OS X instructions below.  

Generating a keypair on Linux or OS X

Because Linux-based operating systems and OS X both have native access to a terminal we don't have to install any additional software.  So, open your terminal (called "Terminal" in OS X, there are too many to name for Linux) and let's first check if there is already a key in place.  The default location for an SSH key is $HOME/.ssh/id_rsa or $HOME/.ssh/id_rsa.pub (the public component is usually specified with a .pub extension).  You could see if one exists by using the "file" command like so -- the first example is what you will see if there IS a key, and the second is what you'd see if there IS NOT:

-bash-4.2$ file $HOME/.ssh/id_rsa.pub
/home/jode5573/.ssh/id_rsa.pub: OpenSSH RSA public key
-bash-4.2$ file $HOME/.ssh/id_rsa.pub
/home/jode5573/.ssh/id_rsa.pub: cannot open (No such file or directory)

If you already have a key, you can skip the next step to generate one.  If not, the following command will generate a 4096-bit RSA key and put it in the default location.  You can set a password on the key if you want, but in general it's okay to omit a password.  The password is an extra level of protection so that if someone DOES get access to your private key, they still need a password to utilize it. 

-bash-4.2$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jode5573/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/jode5573/.ssh/id_rsa.
Your public key has been saved in /home/jode5573/.ssh/id_rsa.pub.
The key fingerprint is:
75:e8:86:88:97:89:a9:0f:8a:ed:ec:aa:28:fa:15:e4 jode5573@biof-test.colorado.edu
The key's randomart image is:
+--[ RSA 4096]----+
|                 |
|           .     |
|    .     o .    |
|   o + + + .     |
|    E = S o      |
|   . o   .       |
|  o .            |
|++ +             |
|@=* .            |
+-----------------+

 

Now, having generated that key, you should be able to use the "cat" command to print the public component for use with GitLab or other services. 

-bash-4.2$ cat $HOME/.ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+ZOYQJhohkmmzFHzUtcpfmdUtZ9iTbMq5c9ec1D9euN8Z4RB60hGAX6sXMTn06FF9eU7HR/JTNedvd9vuZFwn903weYEoprC93CfinNn8RfAy4QpSpbs/X6/KcbsQZg4/QpI9qB2zgL9vz5l9oIiZE2oy66rhxZQo+hTsdpej24aD5Q5WdxLyUN/nIsNO7ZN2FXP+YZyio8A7U24Vs/QhVUR6JS+cCtlR7mqZBcHTMrQqvC4Jj0dqxn5bG2NtUgh8mS7PljMRcMdyFPXeBGkIjN1C96lKKc6vQLXnhUKj6h8pJdRalD3uXooEdH+vzCjLFU+AJzWVJbYLJIpCVZs1H+n2RNmhlvBqkN5OhGoCaX0S7b7E1EVuHbxDwIn2JjaxSaSWoB+BOmTblE2rCrhWm/BoTVAm4h2dgwq3Lvj3pclOF5sHb/MltYgisby8QwhEFyf66V00BiPHPZX3Xg2PnVgmo9I5lpP9sEzAsOL63EVShmVVN41PkoaqZuqqWSrlgKw0YENb1EaZ9UtbYT6dRpMCKktlcXFXIBtq1iuSbmWYRhBvDw3a2VHc3k7SWYgGiFrbDbPA0efFQhiutdj2d1wDf1Aa0ApmC5Qcgsl/T6MYep2jIuzpThR5mhF1FH7HpnfbmedwAgg0eGHIqy+lMSDl27UkAHKnz0jdTsHgcw== jode5573@biof-test.colorado.edu

 

 

This is Pacific Theme