Difference between revisions of "SSH create key"

(Created page with "Category:Linux =How-to generate SSH private / public keys= ==Linux== ===Create key=== 1. Log-in with the user you want to use. 2. Generate a pair of authentication...")
 
 
Line 3: Line 3:
  
 
=How-to generate SSH private / public keys=
 
=How-to generate SSH private / public keys=
 +
 +
The following settings are based on the ANSSI (French security entity) - 2014/11. See http://www.ssi.gouv.fr/entreprise/guide/recommandations-pour-un-usage-securise-dopenssh/
  
  
Line 16: Line 18:
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
 
# Generating public/private rsa key pair
 
# Generating public/private rsa key pair
ssh-keygen -t rsa
+
ssh-keygen -t ecdsa -b 256 -f username.ssh
</syntaxhighlight>
 
 
 
>> Enter file in which to save the key: /home/''user''/'''.ssh'''/id_rsa
 
 
 
Log sample:
 
<syntaxhighlight lang="bash">
 
Created directory '/home/a/.ssh'.
 
Enter passphrase (empty for no passphrase):
 
Enter same passphrase again:
 
Your identification has been saved in /home/a/.ssh/id_rsa.
 
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
 
The key fingerprint is:
 
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
  
'''Summary'''
+
'''Output details'''
  
* id_rsa == private key
+
* username.ssh == private key
* id_rsa.pub == public key
+
* username.ssh.pub == public key
  
  

Latest revision as of 23:05, 20 March 2016


How-to generate SSH private / public keys

The following settings are based on the ANSSI (French security entity) - 2014/11. See http://www.ssi.gouv.fr/entreprise/guide/recommandations-pour-un-usage-securise-dopenssh/


Linux

Create key

1. Log-in with the user you want to use.


2. Generate a pair of authentication keys.

# Generating public/private rsa key pair
ssh-keygen -t ecdsa -b 256 -f username.ssh


Output details

  • username.ssh == private key
  • username.ssh.pub == public key


Convert OpenSSH key to Windows Putty

See: http://meinit.nl/using-your-openssh-private-key-in-putty


Windows

You can generate private / public keys with PuttyGen = Putty key generator.


puttyGen first step


When the keys are OK, you have to enter a key pass-phrase. Your pass-phrase must be:

  • long (> 15 characters)
  • hard to guess
  • with letters + signs + numbers


Reminder

how to choose your passphrase and protect it: http://www.alcf.anl.gov/resource-guides/user-authentication-policies


PuttyGen 2nd step


Then, save your keys! You should be the only one to access the save location.




References

Source:

Windows - putty software: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


How to transform a SSH key into Windows Putty: http://meinit.nl/using-your-openssh-private-key-in-putty