Jump toUpdate content

How to create an SSH key

Reviewed on 08 June 2021Published on 12 March 2020

SSH keys allow you to securely connect to your compute instances without using a password. An SSH key consists of an RSA key pair, which has two elements:

  • An identification key (aka private key), which you must keep securely on the computer you want to connect from.
  • A public key which you must upload to the Scaleway interface. This is then transferred to your compute instance during the boot process.

You can create the SSH key pair on your local machine. The process will depend on your operating system.

Requirements:

How to create an SSH key pair on OSX and Linux

On OSX and Linux, you can create the SSH key pair directly from the terminal (command line).

  1. Open the terminal application by clicking on the corresponding icon.

  2. Type ssh-keygen -o -b 4096 and press Enter to generate a new key.

    Important:

    For security reasons you must generate a 2048-bit or 4096-bit RSA key (hence the -b 4096 part of the command). Older 1024-bit keys are no longer supported. The -o option was added in 2014, to specify use of the new OpenSSH format. If the command fails for you, try removing the -o.

  3. Enter a filepath to save the key to when prompted. Alternatively, press Enter to leave this at the default setting (the key will be saved in a file called id_rsa in the /Users/me/.ssh directory).

    Enter file in which to save the key (/Users/me/.ssh/id_rsa):`
  4. Enter a passphrase when prompted. This step is not mandatory, but is recommended for increased security. The passphrase can be freely chosen. If you do not want to set a passphrase, press Enter directly.

    Enter passphrase (empty for no passphrase):
  5. Enter the passphrase again for confirmation when prompted, and press Enter:

    Enter same passphrase again:

    The key pair is generated in the filepath you specified. The key pair consists of:

    • The public key, named id\_rsa.pub
    • The private (identification) key, named id\_rsa
  6. Display the content of the public key with the following command and copy it.

    cat /Users/me/.ssh/id_rsa.pub
  7. Copy the content of the public key which is displayed. You will need this in the next step. Your key should look something like the output shown:

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/tcOt7Lwx5MEPyHo+pcK/XYi7ZvZi4OzLZd59E2MyTLg5ZTpMyRqgLLojTloXEtM57A9H95zjNsiU1nJm1iXEMbRfd6f8fWaaK0ms6z5hLgcuDJot0BkfgThpJjIseZ2uEIrEFYOfdhffJofXkC8lS7seEM8B9TG+Y25wFDdILACrX6AHzRd0Bd4T7I8zNL51fT2zKUBaB6hX4K3rm60K5VKZsZBMj/Mg6rI1DifpOmEb9c+gNX5OlRGC+PREQ08dlwONOO+/C+RPCk+mf1hI5if5E6BAGPz7wN5DNN4BjbiR8/rQ/vjvp5CXbWxaL35FIfi/fUFy3mJlz8u17MzEqi22qdsPXC/MvmdJZSGaAIlqHnNoiMgJTjXBaTJGMiRiuGZ5J3ksIjEeLVAGJNLJRUAOPNmTa9xpn0KD6Uh3OJVUwldGPjJYYHjcNhZTsUqyVpci03fbSvWIvlOlIAc7JicW3ES3i5ayIMNRLwYOp8VP5j8nbpB/OfjRu5VsSQpLJFjcK0LCs+eZaStTn4j3/lwR1DKH3dAwVkRls7SfaWzAgV7HF9NTnDADdVz6wHLR2PB4b7ZVdTYqVXgSjiJfYYYowZ2McIV27cXvbNIWUOJi80h63e/43xSjalBIpDNBi0yTvZqOJzu3xBB6QqJqEmKvAszrTVoGK8rgLgC/iw== me@localhost

How to create an SSH key pair on Windows

On Windows, you can use the third-party application PuTTYgen to create an SSH key pair.

  1. Download and install PuTTY to your local computer. The PuTTYgen application is automatically installed (as well as the main PuTTY application).

  2. Launch PuTTYgen by double-clicking on the application icon. The following screen displays.

  3. Select RSA, set the number of bits in the key to 4096 and click the Generate button:

  4. Move the mouse around the blank area as instructed, to generate randomness.

    The public and private keys are generated and the following screen displays:

  5. Complete the steps on the screen to finish:

  • Fill in the Key-comment field with a name to help you identify this key pair
  • Click the Save public key button and save it in the folder of your choice
  • Click the Save private key button and save it the same folder
  • Select the content of the public key (the sequence of characters under “Public key for pasting into OpenSSH authorized_keys file”). Copy it, as you will need this in the next step.

How to upload the public SSH key to the Scaleway interface

You must upload the content of the public part of the SSH key pair you just created to the Scaleway interface. This is then transferred to your compute instance during the boot process. You can then connect and authenticate from your local machine (where the private key is) to the remote compute instance (where the public key is).

  1. From the Scaleway console, navigate to the Credentials tab of your Project Dashboard:

  2. Scroll down to the SSH Key section, and click Add a new SSH key.

  3. Paste the content of the public key (which you copied in the previous step) into the pop-up box, and optionally add a description. Then click Add a SSH key.

You will now be able to connect to your instances via SSH

Tip:

If you have any difficulties after uploading a new public SSH key, try the following:

  • If you cannot connect to your instance at all via SSH, reboot your instance from the console and try again.
  • If you can connect to your instance using a previously uploaded SSH key but not the new one, reload your SSH keys with the scw-fetch-ssh-keys --upgrade command
See Also