Access to hosted Linux systems
Access to hosted Linux systems
Creation of a secure key pair for SSH under Linux
The following is an example of how to generate a secure SSH key pair. When generating, make sure that you generate a key pair of type ed25519. This is an elliptic curve for asymmetric cryptosystems that is categorised as secure.
We strongly recommend that you assign a secure passphrase ("password") to make unauthorised use of the private key more difficult.
ssh-keygen -t ed25519 -C "vorname.nachname@uol.de"
$ ssh-keygen -t ed25519 -C "vorname.nachname@uol.de" Generating public/private ed25519 key pair. Enter file in which to save the key (/home/user/.ssh/id_ed25519): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_ed25519 Your public key has been saved in /home/user/.ssh/id_ed25519.pub The key fingerprint is: SHA256:OOhhR0rT3B8L808l2IROVwzTGJsIHGXXXXXXXXXXXXXXX vorname.nachname@uol.de The key's randomart image is: +--[ED25519 256]--+ | .oSo.=B. | | o ..oo*o+o | | o + +o=.B . | | . o = *.X o | | = * S * + | | o o B o | | . o . E | | . . | | | +----[SHA256]-----+ $
The public key is located in the file ~/.ssh/id_ed25519.pub. You store the content of the file - your public key - on the Linux servers you use in the file ~/.ssh/authorised_keys (one key per line). Afterwards, logging in to the system is no longer done by entering a password, but via your SSH key pair.
Creation of a secure key pair for SSH under Windows
The creation of a key pair for SSH under Windows is explained here. You will need the Puttygen programme for this and Putty for later access. Make sure that you always use the latest version of the programme.
The following screenshot shows the procedure for creating a key pair.
- Select the type EdDSA.
- Check whether Ed25519 (255 bits) is set.
- Click on Generate. Then move the mouse back and forth on the grey area of the window until the progress bar disappears.
- You can enter a comment for the key pair, e.g. your email address vorname.nachname@uol.de.
- Assign a secure passphrase (password) with which the private key must be unlocked.
- Repeat the assigned passphrase.
- Save the public key.
- Save the private key in a folder that only you have access to.
You can now store the public key on the Linux system.
Use the private key with Git
Before you can use your private key to access git via ssh you have to convert the keyformat. The conversion is done with Puttygen with following steps:
- File → Load private key
- Conversions → Export OpenSSH key
- Save the file in a directory where only you have permission to access.
- Reference the exported key in git