ssh-keygen: password-less SSH login
SSH is often used to login from one system to another without requiring passwords.
This requires you generate your own personal set of private/public ssh keys.
ssh-keygen is used to generate that key pair for you. Here is a session where your own personal private/public key pair is created:
root:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
The command ssh-keygen -t rsa initiated the creation of the key pair.
No passphrase was entered (Enter key was pressed instead).
The private key was saved in .ssh/id_rsa. This file is read-only and only for you. No one else must see the content of that file, as it is used to decrypt all correspondence encrypted with the public key.
The public key is save in .ssh/id_rsa.pub.
In this case, the content of file id_rsa.pub is
It is one line in length.
Its content is then copied in file .ssh/authorized_keys of the system you wish to SSH to without being prompted for a password.
The example shown here generated keys on sodium by user root. If the public key generated, file /root/.ssh/id_rsa.pub, was copied to your account, file /root/.ssh/authorized_keys on dwhs1.dwhs.net, then user root is allowed to SSH into your own account on dwhs1.dwhs.net without the use of a password.
To summarize, a personal private/public key pair is generated using the ssh-keygen command. The public key is then copied onto a remote systems’ .ssh/authorized_keys file. And you can now SSH to the remote system’s account without the use of a password.