...
Wikipedia has a good article on this concept, but I will briefly cover the main points here.
In public-key authentication, a pair of unique keys are generated, one of which is used to encrypt data, and the other is used to decrypt. As implemented, these are respectively known as public and private keys.
When you run ssh-keygen, this key pair is generated as two files called id_rsa and id_rsa.pub. id_rsa.pub contains your public key, and the contents of this file are added to a list of authorized keys (usually a file called authorized_keys) on the SSH server to grant access to the user with the matching private key. It is important to keep your private key secret, as anyone who possesses it can potentially log in as you without a password (we'll get to protecting your private key with a passphrase in a bit).
...
Assuming that you are logged in as you, open up a terminal and run
ssh-keygen -t rsa -b 2048
You'll see something like this:
| Code Block | ||||
|---|---|---|---|---|
| ||||
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
|
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
Enter passphrase (empty for no passphrase): Enter same passphrase again: |
You will definitely want to use a strong passphrase for your key. This is used to unlock the private key so that it can be used, and is the last line of defense if your private key is stolen.
...