Skip to main content

Generating a SSH key: Linux, MacOS, and WSL

Install ssh-keygen

The instructions below use ssh-keygen to create a public-private key pair. Most Linux distributions and MacOS provide ssh-keygen by default. If your computer does not have ssh-keygen, use your computer's package manager to install the ssh package, which includes ssh-keygen.

Create a public-private key pair

Follow the steps below to use ssh-keygen to create a public-private key pair:

  1. Open a terminal.

  2. Run ssh-keygen and follow the on-screen instructions.

    1. Enter a location to save the key pair. Typically, the default location for key pairs is ~/.ssh/id_rsa.
    2. Optionally, enter and re-enter a passphrase for the key pair. If you enter a passphrase, you will have to enter it each time you want to use the key pair.

    The private key will be saved to the path entered in Step i, such as ~/.ssh/id_rsa. The public key will be saved to the path entered in Step i appended with the .pub extension, such as ~/.ssh/id_rsa.pub.

Add your SSH key to your SSH agent

To enable your SSH client to automatically use your key to connect to workstations, follow the instructions below to add your key to your SSH agent.

  1. Ensure that your SSH agent is running by executing eval "$(ssh-agent -s)".
  2. Add the key to your SSH agent by running ssh-add {private-key-path}.

If you do not add your keys to your SSH agent, you will need to use SSH's -i option to specify your private key each time you use SSH.