# How to create a SFTP/SSH Key On Linux

## Introduction

RSA keys provide a secure method of authenticating with an SSH or SFTP server without requiring a password. They are based on asymmetric encryption, which uses a matching pair of keys: one public and one private. The public key is shared with the server or service provider, while the private key remains securely on your machine and is used to establish the connection.

When you attempt to connect, the server uses the public key to generate a challenge that can only be solved by the corresponding private key. This process proves your identity without ever transmitting the private key itself, making the exchange both safe and reliable.

The keys are stored locally as text files, typically in the `.ssh` directory or saved in the client you are using to connect.&#x20;

**Key things to remember when creating a new key:**

* The private key is used on the client
* The public key is used on the server - and can be shared
* Where possible - the private key should be password encrypted&#x20;

{% hint style="warning" %}
If you are connecting using SFTP or SSH - you should never share your private key. Only share the public key.&#x20;
{% endhint %}

## How to Create an RSA SSH Key on Linux

Linux uses the same toolset as MacOS (although don't tell any die hard linux fans that). You can follow basically the same instructions as above.&#x20;

#### 1. Open Terminal

* Open your favorite terminal.&#x20;

***

#### 2. Generate the SSH Key

Run the following command in your Terminal:

```bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```

* `-t rsa` → specifies RSA as the key type.
* `-b 4096` → sets the key length to 4096 bits (more secure than the default 2048).
* `-C` → adds a label (usually your email) for identification.

***

#### 3. Save the Key

You’ll be asked where to save the key:

```
Enter file in which to save the key (/home/yourname/.ssh/id_rsa):
```

* Press **Enter** to accept the default path (`~/.ssh/id_rsa`), or type a custom filename if you want multiple keys.

***

#### 4. Set a Passphrase (Optional)

You can add a passphrase for extra security, or press **Enter** to leave it empty.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.couchdrop.io/walkthroughs/sftp-recipes/using-sftp-ssh-keys/how-to-create-a-sftp-ssh-key-on-linux.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.