Introduction
SSH (Secure Shell) keys are a pair of cryptographic keys used to authenticate to an SSH server as an alternative to password-based logins. A key pair consists of a public key, which you can share freely, and a private key, which must be kept secure.
The PEM format, which stands for Privacy Enhanced Mail, is a widely used format for storing and sending cryptographic keys, certificates, and other data. It can be recognized by the headers and footers "—–BEGIN CERTIFICATE—–" and "—–END CERTIFICATE—–". Its popularity comes from its compatibility and ease of use across different systems and software.
Generate SSH key in PEM format
First, open the terminal application. Linux and macOS users can find it in the applications menu. Windows users should open Git Bash or use the terminal built into the Windows Subsystem for Linux (WSL) if it is installed.
To generate a new SSH key pair in PEM format, use the following command:
ssh-keygen -m PEM -t rsa -b 4096 -f ~/.ssh/id_rsa.pem
This command does the following:
- -m PEM specifies that the key should be generated in PEM format.
- -t rsa specifies the type of key to create, in this case RSA.
- -b 4096 specifies the number of bits in the key, in this case 4096 bits for added security.
- -f ~/.ssh/id_rsa.pem specified the key file name.
After running the command, you will be prompted to insert a file in which to save the new key pair. If you don't have an existing SSH key or want to create a new one for a specific purpose, you can press Enter to save it to the default location ( ~/.ssh/id_rsa
).
Copy the public key to your server
After generating the SSH key pair, the next step is to install the public key on the server you want to access securely.
Use the ssh-copy-id command to copy your public key to the server. Replace your_username@hostname with your actual username and the hostname or IP address of your server:
ssh-copy-id -i ~/.ssh/id_rsa.pem.pub your_username@hostname
If ssh-copy-id is not available, you can manually copy the public key using scp or paste it into your server's ~/.ssh/authorized_keys file.
Conclusion
Generating SSH keys in PEM format is a simple process that significantly improves the security of server connections. By following these steps, you can ensure your connections are secure and convenient, eliminating the need for password logins and reducing the risk of unauthorized access.