18.7.3.1. Generating an RSA Key Pair for Version 2

18.7.3.1. Generating an RSA Key Pair for Version 2

Use the following steps to generate an RSA key pair for version 2 of the SSH protocol. This is the default starting with OpenSSH 2.9.

  1. To generate an RSA key pair to work with version 2 of the protocol, type the following command at a shell prompt: 

    ssh-keygen -t rsa

    Accept the default file location of ~/.ssh/id_rsa. Enter a passphrase different from your account password and confirm it by entering it again.

    The public key is written to ~/.ssh/id_rsa.pub. The private key is written to ~/.ssh/id_rsa. Never distribute your private key to anyone.

  2. Change the permissions of the .ssh directory using the following command: 

    chmod 755 ~/.ssh

  3. Copy the contents of ~/.ssh/id_rsa.pub into the file ~/.ssh/authorized_keys on the machine to which you want to connect. If the file ~/.ssh/authorized_keys exist, append the contents of the file ~/.ssh/id_rsa.pub to the file ~/.ssh/authorized_keys on the other machine.

  4. Change the permissions of the authorized_keys file using the following command: 

    chmod 644 ~/.ssh/authorized_keys

  5. If you are running GNOME or are running in a graphical desktop with GTK2+ libraries installed, skip to Section 18.7.3.4, “Configuring ssh-agent with a GUI”. If you are not running the X Window System, skip to Section 18.7.3.5, “Configuring ssh-agent.


Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.