Generating an SSH Key Pair
This article will describe how to generate the SSH key pair on a Mac. This is the first step to connect to a variety of services, e.g. a Git repository.
The Command for Generation
You may already have this on your computer, pls look in the following directory: ~/.ssh, for a public key ("id_rsa.pub") and a private key ("id_rsa"). If you already have those, then you can skip this step.
If you don't have the public and private key yet, then issue the following command:
ssh-keygen -t rsa -b 4096 -C [email protected]
Here is the meaning of the options in this command:
During generation it will ask you to confirm the file where the key will be stored, as well as your passphrase, you can either have a passphrase or leave it empty.
This is how this looked on my machine:
olgastrijewski@MacBook-Pro ~ % ssh-keygen -t rsa -b 4096 -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/olgastrijewski/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/olgastrijewski/.ssh/id_rsa
Your public key has been saved in /Users/olgastrijewski/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:mQ0yiAImipQ7OWCPMKXbxxjxk2Zri+kfaOsuIr0oP2o [email protected]
The key's randomart image is:
+---[RSA 4096]----+
|o++ |
|@+ + o |
|O.B B o . |
| X B o o = |
|. = = S . |
| * . |
| .= o |
|=Eo. . |
|B*B+. |
+----[SHA256]-----+
olgastrijewski@MacBook-Pro ~ %
After this, you will find the two files for the public key (id_rsa.pub) and the private key (id_rsa) created in your .ssh directory:
olgastrijewski@MacBook-Pro ~ % ls -al .ssh/
total 64
drwx------ 10 olgastrijewski staff 320 23 May 18:09 .
drwxr-xr-x+ 63 olgastrijewski staff 2016 23 May 14:57 ..
-rw------- 1 olgastrijewski staff 3381 23 May 18:09 id_rsa
-rw-r--r-- 1 olgastrijewski staff 742 23 May 18:09 id_rsa.pub
olgastrijewski@MacBook-Pro ~ %
Quite often I need several SSH keys stored on my computer, for different login credentials. Then we'd need to have them stored in different files. Using the command described in this article, it will ask you for the file name where you want to store the keys. Or you can add option "-f", such as "-f ~/.ssh/id_rsa_custom" to specify the file name in the command line.
Add the Private Key to the SSH Agent
After generating the key, you need to add the private key to your local SSH agent:
ssh-add /Users/olgastrijewski/.ssh/id_rsa
If ssh-add is not working, ensure the SSH agent is running:
eval "$(ssh-agent -s)"
ssh-add /Users/olgastrijewski/.ssh/id_rsa
Update SSH Configuration
Once you have your key pair generated, you can update your ~/.ssh/config file to indicate that this identity will be used when connecting to certain repositories. Open the file (or create it if it doesn’t exist):
Host bitbucket.org
HostName bitbucket.org
User git
IdentityFile /Users/olgastrijewski/.ssh/id_rsa
IdentitiesOnly yes
Save and close the file.
Test SSH Connection
Test your connection to the repository using the SSH key, for example:
ssh -T [email protected]
A successful connection should return a message like:
authenticated via ssh key.
You can use git to connect to Bitbucket. Shell access is disabled
If you have an issue, you can confirm no other SSH keys are interfering. You can list loaded keys:
ssh-add -l
Conclusion
With the command described in this tutorial, you have generated an SSH key pair on your machine. Now you can connect to the service that requires you to provide an SSH key - make sure you provide them your public key, not your private key!