Wiki

2. SSH Keypair


How to Use SSH Public Key Authentication


Public key authentication is a way of logging into an SSH/SFTP account using a cryptographic key rather than a password.

If you use very strong SSH/SFTP passwords, your accounts are already safe from brute force attacks. However, using public key authentication provides many benefits when working with multiple clients.

How Public Key Authentication Works


Keys come in pairs of a public key and a private key. Each key pair is unique, and the two keys work together.

These two keys have a very special and beautiful mathematical property: if you have the private key, you can prove you have it without showing what it is. It's like proving you know a password without having to show someone the password.

Public key authentication works like this:

  1. Generate a key pair.
  2. Give someone (or a server) the public key.
  3. Later, anytime you want to authenticate, the person (or the server) asks you to prove you have the private key that corresponds to the public key.
  4. You prove you have the private key.

You don't have to do the math or implement the key exchange yourself. The SSH server and client programs take care of this for you.

Generate an SSH Key Pair


The process of generating a key pair, as mentioned earlier, may vary depending on the operating system you are using. This is because different operating systems have different built-in tools and commands for creating SSH keys. As such, it is crucial to select the appropriate instructions for your specific operating system.

Please select the operating system you are using from the options in the sidebar.