Introduction to SSH Keys

Understand how SSH key pairs work

The SSH protocol allows you to authenticate on a server using different methods, most commonly via password or public key. For security reasons, Moss recommends public key authentication in the servers it helps you manage. So if you ever need to log into your server, transfer files, or the like, using this kind of authentication, you need to understand how it works (use password auth otherwise). Luckily it’s very easy.

Public key authentication is based on key pairs: a private key (usually in a file named id_rsa) that you only know, and a public key (usually in a file named id_rsa.pub) that is uploaded on any server you want to access.

Moss helps you manage your public keys on all your servers. In the remainder of this article, we show you how to find or create your key pairs.

Find your SSH Public Key

There’s a high likelihood that you created an SSH key pair in the past and you just need to copy the content of the public key file into Moss. The name of such file can be user-provided, but typical examples for different public key algorithms include id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or id_rsa.pub.

To check whether you already have such a key, follow the instructions below.

Linux and Mac

  1. Open terminal
  2. Run ls -l ~/.ssh/ 
  3. Check whether a file ending in .pub exists

Windows

If you already have a public/private key pair in PPK format, you may use PuTTY Key Generator to open your .ppk file.

OpenSSH is the de-facto standard for SSH implementations, and the one employed by your Ubuntu servers. It uses a different key format than PuTTY, but fortunately the latter is able to convert keys between formats.

PuTTY shows your public key in OpenSSH format – that’s the key you must provide in Moss.

You may also export your private key in OpenSSH format by clicking ‘Conversions’ -> ‘Export OpenSSH key’.

Create your SSH key pair if needed

In case you don’t have a key pair yet, you must create one in your computer.

Linux and Mac

Create your key pair using the ssh-keygen command, e.g.:

ssh-keygen -t rsa -b 4096 -C "<my-name>@<my-computer>"

Below you can see the output of such command. Leave the default file names (id_rsa and id_rsa.pub) unless you have a reason for not doing so. Also choose an appropriate passphrase to secure your private key.

Windows

  1. Open PuTTY Key Generator.
  2. Click ‘Generate’ to create a new public/private key pair.

3. The public SSH key is shown in OpenSSH format – that’s the public key you must provide in Moss.

4. Save your public and private keys, and maybe export your private key to the OpenSSH format.