Creating SSH Keys (Command Line)

Public key authentication (SSH Key) is a more secure alternative to password authentication that allows users to avoid entering or storing a password, or sending it over the network. Public key authentication uses the client computer to generate the key-pair (a public key and a private key). The public key is then provided to the remote computer's administrator to be installed on that machine.

  1. Create a .ssh directory in your home directory if it does not already exist:
    $ mkdir /home/username/.ssh

    Go to the .ssh folder:

    $ cd /home/username/.ssh
  2. Run ssh-keygen to generate an SSH key-pair.
    Run the following command in the .ssh folder to create a key pair. For key_type, specify either RSA (rsa) or ED25519 (ed25519). At the prompt for the key-pair's filename, press ENTER to use the default name (id_rsa or id_ed25519), or enter a different name, such as your username. At the passphrase prompt, either enter a passphrase or press ENTER twice to leave it blank:
    $ ssh-keygen -t key_type
    Note: When you run ascp in FIPS mode (<fips_enabled> is set to true in aspera.conf), and you use passphrase-protected SSH keys, you must either (1) use keys generated by running ssh-keygen in a FIPS-enabled system, or (2) convert existing keys to a FIPS-compatible format using a command such as the following:
    $ openssl pkcs8 -topk8 -v2 aes128 -in id_rsa -out new-id_rsa
  3. Retrieve the public key file.
    The key-pair is written to the .ssh folder in your home directory. For example, assuming you generated the key with the default name id_rsa:

    /home/username/.ssh/id_rsa.pub

    Provide the public key file (for example, id_rsa.pub) to your server administrator so that it can be set up for your server connection.

  4. Start a transfer using public key authentication with the ascp command.
    To transfer files using public key authentication on the command line, use the option -i private_key_file. For example:
    $ ascp -T -l 10M -m 1M  -i ~/.ssh/id_rsa  myfile.txt  jane@10.0.0.2:/space

    In this example, you are connecting to the server (10.0.0.2, directory /space) with the user account jane and the private key ~/.ssh/id_rsa.
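
Steps 1 to 3 above as shell functions that also set owner-only permissions and audit them, as an added example that is not part of the original documentation. The function names are hypothetical; the modes checked are the ones OpenSSH expects, since it refuses a private key file that other users can read.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of ascp or OpenSSH.

# Step 1: create the directory (no error if it exists), owner-only access.
prepare_ssh_dir() {
    mkdir -p "$1" && chmod 700 "$1"
}

# Step 2: usage: generate_keypair DIR KEY_TYPE NAME [ssh-keygen options]
# With no extra options ssh-keygen prompts for the passphrase, which keeps
# it out of shell history and the process list.
generate_keypair() {
    kp_dir=$1 kp_type=$2 kp_name=$3
    shift 3
    ( umask 077 && ssh-keygen -q -t "$kp_type" -f "$kp_dir/$kp_name" "$@" )
}

# Octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Check that only the owner can reach the private key. Prints each finding
# and returns non-zero if there is any.
audit_key_perms() {
    au_dir=$1 au_key=$2 au_rc=0
    case $(mode_of "$au_dir") in
        700) ;;
        *) echo "FAIL: $au_dir is not mode 700"; au_rc=1 ;;
    esac
    case $(mode_of "$au_key") in
        600|400) ;;
        *) echo "FAIL: $au_key is not mode 600 or 400"; au_rc=1 ;;
    esac
    [ -f "$au_key.pub" ] || { echo "FAIL: $au_key.pub is missing"; au_rc=1; }
    return "$au_rc"
}

# Step 3: fingerprint of the public key, so the administrator can confirm
# that the file received is the one you generated.
key_fingerprint() {
    ssh-keygen -l -f "$1.pub"
}
```

After sourcing the file, run prepare_ssh_dir ~/.ssh, then generate_keypair ~/.ssh ed25519 id_ed25519, then audit_key_perms ~/.ssh ~/.ssh/id_ed25519 before sending the .pub file to the administrator.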