Generate SSH keys on Linux using ssh-keygen

Last week I have illustrated how to Generate SSH keys on Windows using PuTTY, now I will explaining you how to generate SSH keys on Linux using ssh-keygen.

The first thing you need to do to have ssh-keygen is to install openssh-client. Most distributions have it by default, but if you don’t you can install it with the package manager of your distribution; if you have Debian, Ubuntu, or a derivates, you can use the following command:
$ sudo apt-get install openssh-client
Once installed, from the command line give the following command:
$ ssh-keygen -t rsa -C "INSERT_COMMENT_HERE"
For “INSERT_COMMENT_HERE” you should put a string of test that help to identify the key; most of the time is the full name or e-mail of the user.

Once you given the command, you should get an output like that:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/YOUR_USER/.ssh/id_rsa):

It is asking you where do want to store the keys; by default the key will be saved on /home/YOUR_USER/.ssh/id_rsa, but you can input any folder and/or. Note that if you don’t use the default keys names, or store your keys in a different path, you may need to run “ssh-add path/to/my_key” so that ssh knows where to find your key and for any other program that need to use them it should be configured manually.

The output will follow as this:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Here ssh-keygen is asking you for a passphrase. You should use a good passphrase for your keys.

Then the output will continue:
Your identification has been saved in /home/YOUR_USER/.ssh/id_rsa.
Your public key has been saved in /home/YOUR_USER/.ssh/id_rsa.pub.
The key fingerprint is:
2048 40:94:b0:1d:99:ad:83:8c:0f:41:9d:8b:85:7b:dc:2f [email protected] (RSA)

Take note of the fingerprint because if you have to share your public key, the recipient will (or should) ask for it in order to be sure that the key he/she received is actually yours.

Once you have done that you should immediately create a backup of the entire folder where the keys are saved, and store it in a very safe place.