An SSH
key is an access credential for the Secure Shell (SSH) network protocol. This authenticated and encrypted secure network protocol is used for remote communication between machines on an unsecured open network. SSH is used for remote file transfer, network administration, and remote access to the operating system. The acronym SSH is also used to describe a set of tools used to interact with the SSH protocol.
SSH uses a key pair to initiate a secure handshake between remote parties. The key pair contains a public and private key. Private vs public naming can be confusing as both are called keys. It is more useful to think of the public key as a “lock” and the private key as the “key”. You publicly ‘lock’ remote parties to encrypt or ‘lock’ data. This data is opened with the key ‘private’ that you have in a safe place.
How to create an
SSH key
SSH keys are generated through a public key cryptographic algorithm, the most common being RSA or DSA. At a very high level, SSH keys are generated through a mathematical formula that takes 2 prime numbers and a random seed variable to generate the public and private key. This is a one-way formula that ensures that the public key can be derived from the private key, but the private key cannot be derived from the public key.
SSH keys are created using a key generation tool. The SSH command-line toolset includes a keygen tool. Most git hosting providers offer guides on how to create an SSH key.
Generate an SSH key on Mac
and Linux
OsX and Linux operating systems have complete modern terminal applications that ship with the SSH suite installed. The process for creating an SSH key is the same between them.
1. Run the following to begin key creation
This command will create a new SSH key using email as label
2. You will then be prompted to “Enter a file in which to save the key.” You can specify a file location or press “Enter” to accept the default file location.
3. The following message will ask for a strong passphrase. A passphrase will add an extra layer of security to the SSH and will be required each time the SSH key is used. If someone gains access to the computer on which the private keys are stored, they could also gain access to any system that uses that key. Adding a passphrase to the keys will prevent this scenario.
At this point, a new SSH key will have been generated in the file path specified above.
4. Add the new SSH
key to the
ssh-agent
The ssh-agent is another program that is part of the SSH toolset. The ssh-agent is responsible for maintaining the private keys. Think of it as a keychain. In addition to maintaining private keys, it also intermediates requests to sign SSH requests with the private keys so that the private keys are never passed without security.
Before adding the new SSH key to the ssh-agent, first make sure that the ssh-agent is running running: Once the
ssh-agent is running, the following command will add the
new SSH key to the local SSH agent.
The new SSH key is now registered and ready to use!
Generate an SSH key in Windows
environments
Windows does not have a standard default Unix shell. You will need to install external shell programs to have a full keygen experience. The easiest option is to use Git Bash. Once Git Bash is installed, the same steps can be followed for Linux and Mac within the Git Bash shell.
Subsystem
Windows Linux
Modern Windows environments offer a Windows Linux subsystem. The Windows Linux subsystem offers a complete Linux shell within a traditional Windows environment. If a linux subsystem is available, the same steps described above for Linux and Mac can be followed in the windows linux subsystem.
Digest SSH keys are used to authenticate secure connections. By following this guide, you will be able to create and start using an SSH key. Git is capable of using SSH keys instead of traditional password authentication when pushing or pulling remote repositories. Modern hosted git solutions like Bitbucket support SSH key authentication.