- Generate a key pair locally
- Give the public key to the remote server
- Keep the private key yourself
ssh-keygen -t ed25519
Previously, i used to use
rsa as the type, but i have since moved on to
ed25519. Ed25519 is a newer public-key algorithm which is faster (and safer) than RSA. Ed25519 public-key is also more compact, containing only 68 characters as compared to RSA 3072 that has 544 characters. Ed25519 is supported by OpenSSH so you should be good in almost all cases.
Github recommends passing it your email with -C which is then uses as a label.
cd ~/.ssh && ssh-keygen -t ed25519 -C "firstname.lastname@example.org"
Copy .pub file to remote
scp id_ed25519.pub user@remoteserver:location
On linux you can do
The remote server doesn’t like the authorizated_keys file having too many permissions. For better security, change the authorizated_keys file to
600 and the ssh folder to
700. The permissions on
.ssh can not be any higher than 755.
chmod 600 ~/.ssh/authorized_keys chmod 700 ~/.ssh
You might even have to change permissions for the
chmod go-w ~/
The config file for the ssh daemon is at:
You can also use the
find command to find the file location:
find / -name sshd_config
Make a copy of the config file if you are afraid of messing it up
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
service sshd restart
If you don’t know what the service name for ssh is, you can list all of the services to find out:
.ssh/config (local system)
You can create an SSH config file at
~/.ssh/config and save all your SSH connection settings there. You will then be able to run
ssh FOO and connect with all the settings defined for the host FOO.
# My settings for connecting to FOO server Host foo #HostName www.myfooserver.com HostName 123.456.789.123 User USERNAME Port 22 IdentityFile ~/.ssh/MY_SSH_KEY
ssh-agent and load your keys
See if ssh-agent is running:
ps -e | grep [s]sh-agent
Load ssh key:
List loaded ssh keys:
Copy key to clipboard
Copy your key to your clipboard with (Linux only):
cat ~/.ssh/id_ed25519.pub | pbcopy
Simple as that. Though troubleshooting might be needed.
- make sure the .pub key has been copied to the
authorized_keysfile, on remote server, in the
~/.sshfolder. If it doesn’t exist, create one.
- make sure that the path you copied to is the path specifies in the ssh config file. The ssh config file is at: `sshd_config
- if the error doesn’t make sense try ssh with verbose mode
- make sure you have no extra white space at the end when you copy the key, because that can throw it in a loop.