# How to create a SFTP/SSH Key On MacOS

## Introduction

RSA keys provide a secure method of authenticating with an SSH or SFTP server without requiring a password. They are based on asymmetric encryption, which uses a matching pair of keys: one public and one private. The public key is shared with the server or service provider, while the private key remains securely on your machine and is used to establish the connection.

The keys are stored locally as text files, typically in the `.ssh` directory or saved in the client you are using to connect. 

For additional protection, the private key can be encrypted with a passphrase, ensuring that even if the file is accessed, it cannot be used without the added layer of security. This combination of encryption and key management makes RSA keys both convenient and highly secure for remote authentication.

**Key things to remember:**

* The private key is used on the client
* The public key is used on the server - and can be shared
* Where possible - the private key should be password encrypted 

{% hint style="warning" %}
If you are connecting using SFTP or SSH - you should never share your private key. Only share the public key. 
{% endhint %}

## How to Create an RSA SSH Key on macOS

MacOS comes with everything you need to create a RSA key. You will need to be familiar with using a terminal (command prompt) - but thats an easy hurdle to get past. 

#### 1. Open Terminal

* Press **Command + Space** and type `Terminal`, then hit **Enter**.

***

#### 2. Generate the SSH Key

Run the following command in your Terminal:

```bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```

* `-t rsa` → specifies RSA as the key type.
* `-b 4096` → sets the key length to 4096 bits (more secure than the default 2048).
* `-C` → adds a label (usually your email) for identification.

***

#### 3. Save the Key

You’ll be asked where to save the key:

```
Enter file in which to save the key (/Users/yourname/.ssh/id_rsa):
```

* Press **Enter** to accept the default path (`~/.ssh/id_rsa`), or type a custom filename if you want multiple keys.

***

#### 4. Set a Passphrase (Optional)

You can add a passphrase for extra security, or press **Enter** to leave it empty.

***

#### 5. Copy the Public Key

Copy your public key to the clipboard:

```bash
pbcopy < ~/.ssh/id_rsa.pub
```

Now you can paste it into GitHub, GitLab, or any server you want to connect to.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.couchdrop.io/walkthroughs/sftp-recipes/using-sftp-ssh-keys/how-to-create-a-sftp-ssh-key-on-macos.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.