ssh-keygen — authentication key generation, management and conversion
$ ssh-keygen -t rsa -C "your@email.address"
Private and public keys are save in ~/.ssh/ directory.
$ ls ~/.ssh authorized_keys id_rsa id_rsa.pub known_hosts
Using ssh key on Microsoft Windows 10
Copy private key id_rsa to %userprofile%\.ssh folder. However, you will get warning and cannot use that private key unless you limit permission to the owner ONLY.
C:\Users\Tuyen>ssh tuyendq@002.practicehabits.net @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions for 'C:\\Users\\Tuyen/.ssh/id_rsa' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Load key "C:\\Users\\Tuyen/.ssh/id_rsa": bad permissions tuyendq@002.practicehabits.net's password:
Using icacls to limit permission to access id_rsa key file
:: Set key variable as full path the the private key id_rsa file :: set key="%userprofile%\.ssh\id_rsa" :: Remove default inheritance :: cmd /c icacls %key% /c /t /inheritance:d :: Set ownership to the owner :: cmd /c icacls %key% /c /t /grant %username%:F :: Remove All users, except the owner :: cmd /c icacls %key% /c /t /remove Administrator Administrators SYSTEM "Authenticated Users" "Users" :: Then verify settings :: cmd /c icacls %key% :: End of script
Remove passphrase, you must have your old passphrase
openssl rsa -in ~/.ssh/id_rsa -out ~/.ssh/id_rsa_new