SSH keys are a necessity for Python development when you are working with Git, connecting to remote servers and automating your deployments. Let's walk through how to generate SSH key pairs, which contain both a public and a private key within a single pair, on Ubuntu Linux.
Open up a new terminal window in Ubuntu like we see in the following screenshot.
ssh-keygen command provides an interactive command line interface for
generating both the public and private keys. Invoke
ssh-keygen with the
-b arguments to ensure we get a 4096 bit RSA key.
Optionally, you can also specify your email address with
one will be generated off your current Linux account):
ssh-keygen -t rsa -b 4096 -C [email protected]
The first prompt you will see asks where to save the key. However, there are actually two files that will be generated: the public key and the private key.
Generating public/private rsa key pair. Enter file in which to save the key (/home/matt/.ssh/id_rsa):
This prompt refers to the private key and whatever you enter will also
generate a second file for the public key that has the same name and
If you already have a key, you should specify a new filename. I use many SSH keys so I typically name them "test-deploy", "prod-deploy", "ci-server" along with a unique project name. Naming is one of those hard computer science problems, so take some time to come up with a system that works for you and the development team you work with!
Next you will see a prompt for an optional passphrase:
Enter passphrase (empty for no passphrase):
Whether or not you want a passphrase depends on how you will use the key. The system will ask you for the passphrase whenever you use the SSH key (although you can use ssh-agent to store the passphrase after you activate it on a system the first time) so it is more secure. However, if you are automating deployments with a continuous integration server like Jenkins then you will not want a passphrase.
Be aware that it is impossible to recover a passphrase if it is lost. Keep that passphrase safe and secure because otherwise a completely new key would have to be generated.
Enter the passphrase (or just press enter to not have a passphrase) twice. You'll see some output like the following:
Your identification has been saved in /home/matt/.ssh/prod_deploy. Your public key has been saved in /home/matt/.ssh/prod_deploy.pub. The key fingerprint is: SHA256:xoCWgk40XfM5mruZQNCVoBKXZ4d0gn09ivVENacb7xw [email protected] The key's randomart image is: +---[RSA 2048]----+ |.oo*==oo..o . | |.+*.*** = + | |o+.++=.B .o | |+ .o. +oo + | | . . o S . E | | . .. o . | | . . o | | . + | | + | +----[SHA256]-----+
Your SSH key is now generated and ready to use!
Now that you have your public and private keys, I recommend setting up a Python development environment with one of the following tutorials so you can start coding:
ssh-keygen command resources:
See something wrong in this post? Fork this page's source on GitHub and submit a pull request.