SSH keys are a pair of security keys used to log into an SSH server instead of using a password. There are two keys: a public key, which you can share with others, and a private key, which you must keep safe.
The PEM format is a common way to store and send these security keys and certificates. It is easy to recognize because it starts with “-----BEGIN CERTIFICATE-----“ and ends with “-----END CERTIFICATE-----“. It is popular because it works well with different systems and software.
Generate SSH Key in PEM Format
First, open your terminal application. Linux and macOS users can find it in their applications menu. Windows users should open Git Bash or use the integrated terminal in Windows Subsystem for Linux (WSL) if it’s installed. If you like online tools, you can try this: https://showdns.net/ssh-key-generator
To generate a new SSH key pair in PEM format, use the following command:
ssh-keygen -m PEM -t rsa -b 4096 -f ~/.ssh/id_rsa.pem
This command does the following:
- -m PEM specifies that the key should be generated in PEM format.
- -t rsa specifies the type of key to create, in this case, RSA.
- -b 4096 specifies the number of bits in the key, in this case, 4096 bits for added security.
- -f ~/.ssh/id_rsa.pem specified the key file name.
After running the command, you’ll be prompted to enter a file in which to save the new key pair. If you don’t have an existing SSH key or you want to create a new one for a specific purpose, you can press enter to save it to the default location (~/.ssh/id_rsa).
Copy the Public Key to Your Server
After generating your SSH key pair, the next step is to install the public key on the server you wish to access securely.
Use the ssh-copy-id command to copy your public key to the server. Replace your_username@hostname with your actual username and the hostname or IP address of your server:
ssh-copy-id -i ~/.ssh/id_rsa.pem.pub your_username@hostname
If ssh-copy-id is not available, you can manually copy the public key using scp or paste it into the server’s ~/.ssh/authorized_keys file.
Conclusion
Creating SSH keys in PEM format is simple and greatly improves the security of your server connections. By doing this, you can make sure your connections are safe and easy to use, without needing passwords and lowering the chance of unauthorized access.