Creating SSH Keys (Command Line)

Public key authentication (SSH Key) is a more secure alternative to password authentication that allows users to avoid entering or storing a password, or sending it over the network. Public key authentication uses the client computer to generate the key-pair (a public key and a private key). The public key is then provided to the remote computer's administrator to be installed on that machine.

Note: You can use the application GUI to create SSH keys or import existing keys for use with a selected user account. For instructions, see Creating SSH Keys.

Create a .ssh directory in your home directory if it does not already exist:
```
> md user_home_dir\.ssh
```
Go to the .ssh folder:
```
> cd user_home_dir\.ssh
```
Run ssh-keygen to generate an SSH key-pair.
Run the following command in the .ssh folder to create a key pair. For key_type, specify either RSA (rsa) or ED25519 (ed25519). At the prompt for the key-pair's filename, press ENTER to use the default name id_rsa or id_ed25519. For a passphrase, you can either enter a password, or press return twice to leave it blank:
```
> ssh-keygen -t key_type
```
Note: When you run ascp in FIPS mode (<fips_enabled> is set to true in aspera.conf), and you use passphrase-protected SSH keys, you must either (1) use keys generated by running ssh-keygen in a FIPS-enabled system, or (2) convert existing keys to a FIPS-compatible format using a command such as the following:
```
> openssl pkcs8 -topk8 -v2 aes128 -in id_rsa -out new-id_rsa
```
Retrieve the public key file.
The key-pair is generated to your home directory's .ssh folder. For example, assuming you generated the key with the default name id_rsa:
```
user_home_dir\.ssh\id_rsa.pub
```
Provide the public key file (for example, id_rsa.pub) to your server administrator so that it can be set up for your server connection.