Creating a new Key pair in Mac OS X or Linux

Overview

This article walks you through generating a key pair on your computer. You can then use this when purchasing a new Self-Managed VPS, or to upload to your DreamCompute dashboard.

Creating a Key pair

To generate a new Key pair, run the following commands on your home computer.

1. Open an SSH terminal.

2. Generate an ed25519 private key using ssh-keygen under your username:

   [local]$ ssh-keygen -t ed25519
   Generating a public/private ed25519 key pair.
   Enter the file in which you wish to save the key (i.e., /Users/username/.ssh/id_ed25519):

   RSA Keys for old systems

   The recommended key format is ED25519. However, if you are using older hardware or software that doesn't support Ed25519, you will need to create an RSA key instead using this command:

   [local]$ ssh-keygen -t rsa -b 4096

   Custom key name

   If you press Enter, the key will be created with the default name of id_ed25519.

   You can name this anything you like, but if you choose a custom name, you'll need to let your SSH client know about the new key using Step #6 in this article. Also, if you choose to use a custom name, make sure to specify the full path to your user's .ssh directory. If you do not, the new key pair is created in the directory you're running the command. For example:

   [local]$  ssh-keygen -t ed25519
   Generating a public/private ed25519 key pair.
   Enter the file in which you wish to save they key (i.e., /Users/username/.ssh/id_ed25519): /Users/username/.ssh/customkey_ed25519

3. Proceed through the prompts that appear.

   Enter a passphrase (leave empty for no passphrase).

   You do not need to enter a passphrase, but it's highly recommended as it protects your private key if compromised. If so, someone would still need your passphrase in order to unlock it. The exception to this is if you're running an automated process such as as cron job. You should then leave the password out. From ssh-copy-id:

   "Generally all keys used for interactive access should have a passphrase. Keys without a passphrase are useful for fully automated processes."

4. Press Enter to continue.

   Enter same passphrase again:

5. Press Enter to continue. The following message appears:

   Your identification has been saved in /Users/username/.ssh/custom_ed25519
   Your public key has been saved in /Users/username/.ssh/custom_ed25519.pub
   The key fingerprint is:
   SHA256:7pNvrznUREXWY2r1otEwUWo40aKfZDFsUVDac3YuzrI
   The key's randomart image is:
   +--[ED25519 256]--+
   |            o+*+=|
   |             X..o|
   |            @.= +|
   |           o #.* |
   |        Q o @oB o|
   |       .   *.C.+ |
   |        ..S.+    |
   |       .o . .o   |
   |        .+..+.   |
   +----[SHA256]-----+
   

6. Confirm your new keys have been created:

   [local]$ ls -la ~/.ssh
   id_ed25519
   id_ed25519.pub

Viewing your public key

Once the key pair is created, you can then view your public key using the cat command.

[local]$ cat ~/.ssh/id_ed25519.pub
ssh-ed25519 ABCDE357NzbC2lFDI5NT6E5BBAAIOofsRYyflU+pq7/sUMF9UeGWWfuoE38BNH6zF928vY5

You can then copy and paste the text that displays into the panel when purchasing a Self-Managed VPS or configuring a new DreamCompute instance.

See also

• How to create a Key pair overview
• How to upload an SSH key via the DreamCompute dashboard