SSH (Secure Shell) keys are a pair of cryptographic keys used to authenticate to an SSH server as an alternative to password-based logins. A key pair consists of a public key, which you can share freely, and a private key, which must be kept secure.
The PEM format, standing for Privacy Enhanced Mail, is a widely used format for storing and sending cryptographic keys, certificates, and other data. It is recognizable by its “—–BEGIN CERTIFICATE—–“ and “—–END CERTIFICATE—–“ headers and footers. Its popularity stems from its compatibility and ease of use across different systems and software.
Generate SSH Key in PEM Format
First, open your terminal application. Linux and macOS users can find it in their applications menu. Windows users should open Git Bash or use the integrated terminal in Windows Subsystem for Linux (WSL) if it’s installed.
To generate a new SSH key pair in PEM format, use the following command:
ssh-keygen -m PEM -t rsa -b 4096 -f ~/.ssh/id_rsa.pem
This command does the following:
- -m PEM specifies that the key should be generated in PEM format.
- -t rsa specifies the type of key to create, in this case, RSA.
- -b 4096 specifies the number of bits in the key, in this case, 4096 bits for added security.
- -f ~/.ssh/id_rsa.pem specified the key file name.
After running the command, you’ll be prompted to enter a file in which to save the new key pair. If you don’t have an existing SSH key or you want to create a new one for a specific purpose, you can press enter to save it to the default location (~/.ssh/id_rsa).
Copy the Public Key to Your Server
After generating your SSH key pair, the next step is to install the public key on the server you wish to access securely.
Use the ssh-copy-id command to copy your public key to the server. Replace your_username@hostname with your actual username and the hostname or IP address of your server:
ssh-copy-id -i ~/.ssh/id_rsa.pem.pub your_username@hostname
If ssh-copy-id is not available, you can manually copy the public key using scp or paste it into the server’s ~/.ssh/authorized_keys file.
Conclusion
Generating SSH keys in PEM format is a straightforward process that significantly enhances the security of your server connections. By following these steps, you can ensure that your connections are both secure and convenient, eliminating the need for password logins and reducing the risk of unauthorized access.
