Warning
This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.
3.3 Creating a Key Pair for SSH Connections
Use SSH Key Pair instead of password to access the server instance. Key pair consists of a private key and a public key, the private key is kept on the user’s computer, and the public key must be registered when the server instance is created.
To create a key pair, you need a key generation tool, if you don’t have one, you’ll use it after installation.
- linux/unix: use ssh-keygen, install OpenSSH(http://www.openssh.com/portable.html) after uninstall
- Windows 10: Use ssh-keygen
- Other Windows: Install and use the PuTTY Key Generator (puttygen.exe) from the PuTTY site (http://www.putty.org/)
- Or download and use autocreated when creating VMs on OCI
Creating SSH Key Pair in Linux/Unix, Windows 10 Environment
-
Running a terminal or Powershell
-
Generate Key Pair via ssh-keygen.
When you issue the command, it additionally requires you to enter a passphrase value. If this is set to the password for the generated private key file, each ssh connection will require additional input. If not, just enter without entering a value.
$ ssh-keygen -t rsa -b 2048 -C "<comment>" -f <output_keyfile>
-
You can see that your personal and public keys are generated in the <output_keyfile>, <output_keyfile>.pub file, respectively.
ubuntu@NOTEBOOK-WORK:~$ ssh-keygen -t rsa -b 2048 -C "my ssh key" -f mysshkey Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in mysshkey Your public key has been saved in mysshkey.pub The key fingerprint is: SHA256:iWtp5RtNqW9prdInSQ0rE8PJjivXMdMeY3LuY5EUAkk my ssh key The key's randomart image is: +---[RSA 2048]----+ | .Eo | | . . . | | o o . | | .*.o. | | .oS=o= | | .=O+@ . | | =o+#.B | | .oo o+% o | | o .*+= | +----[SHA256]-----+
Creating an SSH Key Pair in a Windows Environment
-
Download and install puttygen.exe
-
Select key type as default RSA, set number of bits to 2048
-
Generate Click
-
Move the mouse around the middle of the blank screen until the progress bar reaches the end to produce random data.
-
Created
-
Key comment: Fix if needed
-
Key passphrase: The password for the private key file will prompt for input when ssh is connected. If not, just hit Enter without entering a value.
-
Save private key in Putty private format
Save private key Click to save key without passphrase when prompted Yes Select and save file
The private key stored at this time is stored in PuTTY Private Key (PPK) format and is only available in PuTTY.
-
Save private key in PEM format
PEM format keys are commonly used to connect to Compute VMs over SSH.
In the menu, select Conversions > Export OpenSSH Key. When prompted, select Yes (Y) to save the key without passphrase and save the file
- Example (mysshkey)
-----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEArKWHqta/NDy9DsuBpq4SSiS+p3VfUk96la8Q+/LgSJRU+RPI ... HCSSOnUJxQR3xDOnrz4ywSh1bheoxUUjaHI1PtxTQtcNWHW7K2hPblE= -----END RSA PRIVATE KEY-----
-
Save public key
Copies all displayed public key characters and saves them as a file in the location where the private key is stored. The name of the public key is the same as the name of the private key in the same format that ssh-keygen generates, and changes the extension to .pub.
OCI supports the OpenSSH format, but not “Save public key” because it is not stored in the OpenSSH format.
- Example (mysshkey.pub)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCspYeq1r80PL0Oy4GmrhJKJL6ndV9ST3qVrxD78uBIlFT5E8gV+lbDma+aZN6QpYRTboccyngd5.........qeL5YOmSw2p7Uu5kqflg+45xP3cbm42R1zMLFs81a2+5vHy/nSV523el1 rsa-key-20220110
-
After verifying the file path and file name, the public key is used to connect to the instance using SSH when creating the compute instance.
As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.