Quick reference for creating SSH keys

Creating the Key

Run the following command in a terminal:

ssh-keygen -t rsa -b 4096 -C "[email protected]"

Follow the steps and type a secure passphrase.

Using the SSH agent

Typing the passphrase every single time we use the key can be a bit exhausting, fortunately we can use a ssh agent to solve this problem. Run the following command in terminal to spawn the agent.

eval "$(ssh-agent -s)"

Now add your key to the agent:

ssh-add ~/.ssh/id_rsa 

Note.- the flag -l can be used to list the fingerprints of all identities currently represented by the agent.

ssh-add -l

Using Keychan to spawn the agent automatically

So far we were able to connect to our ssh server automatically during the current session, but the agent will be removed when we logout. If we are looking for persistence we can use keychan and introduce the passphrase only when we start or reboot the server.

Install keychan:

sudo apt-get install keychain

Open .bash_profile with your text editor:

vim ~/.bash_profile

and type the following line:

eval `keychain --eval --agents ssh id_rsa`

This will add the id_rsa to keychan. The next time you login you will see a screen similar to this, asking for the passphrase:

* keychain 2.8.1 ~ http://www.funtoo.org
* Found existing ssh-agent: 11234
* Known ssh key: /home/ubuntu/.ssh/id_rsa

Enter passphrase for /home/your_user/.ssh/id_rsa:

Introduce the passphrase and we are done.