ssh-keygen is a Unix utility that is used to generate, manage, and convert authentication keys for ssh authentication. With the help of the ssh-keygen tool, a user can create passphrase keys for both SSH protocol version 1 and version 2. ssh-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2. These keys differ from keys used by GNU Privacy Guard.


Compute Systems Invocation Version(s)
Red Hat Linux (64-bit) % /usr/bin/ssh-keygen 4.3 (default)


  1. Generate Your Key Pair.

    To fully exploit OpenSSH's security features, generate a public and private key pair. Run:

    % ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/csdue/username/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/csdue/username/.ssh/id_rsa.
    Your public key has been saved in /home/csdue/username/.ssh/
    The key fingerprint is:
    d3:73:34:63:ed:e4:29:7d:4d:64:5d:7a:db:fd:44:22 username@hostname.cse.Buffalo.EDU

    ssh-keygen requests a passphrase which is used to generate the keys. This passphrase can then be used to authenticate when using any of the ssh commands instead of your UNIX password.