How to create a SFTP/SSH Key On Linux

Introduction

RSA keys provide a secure method of authenticating with an SSH or SFTP server without requiring a password. They are based on asymmetric encryption, which uses a matching pair of keys: one public and one private. The public key is shared with the server or service provider, while the private key remains securely on your machine and is used to establish the connection.

When you attempt to connect, the server uses the public key to generate a challenge that can only be solved by the corresponding private key. This process proves your identity without ever transmitting the private key itself, making the exchange both safe and reliable.

The keys are stored locally as text files, typically in the .ssh directory or saved in the client you are using to connect.

Key things to remember when creating a new key:

• The private key is used on the client

• The public key is used on the server - and can be shared

• Where possible - the private key should be password encrypted

How to Create an RSA SSH Key on Linux

Linux uses the same toolset as MacOS (although don't tell any die hard linux fans that). You can follow basically the same instructions as above.

1. Open Terminal

• Open your favorite terminal.

2. Generate the SSH Key

Run the following command in your Terminal:

• -t rsa → specifies RSA as the key type.

• -b 4096 → sets the key length to 4096 bits (more secure than the default 2048).

• -C → adds a label (usually your email) for identification.

3. Save the Key

You’ll be asked where to save the key:

• Press Enter to accept the default path (~/.ssh/id_rsa), or type a custom filename if you want multiple keys.

4. Set a Passphrase (Optional)

You can add a passphrase for extra security, or press Enter to leave it empty.