ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/server_key -C "ServerUsername@ServerHostname"
ssh-keygen -o -a 100 -t ed25519 -f $env:USERPROFILE\.ssh\server_key -C "ServerUsername@ServerHostname"
ssh-keygen will create 2 keys file. Public Keys(with .pub) and Private Keys.
| Options | Meaning |
|---|---|
-o |
Causes ssh-keygen to save private keys using the new OpenSSH format rather than the more compatible PEM format. The new format has increased resistance to brute-force password cracking but is not supported by versions of OpenSSH prior to 6.5. Ed25519 keys always use the new private key format.(IBM.com/docs) |
-a <KDF rounds> |
Specifies the number of KDF (key derivation function) rounds used. Higher numbers result in slower passphrase verification and increased resistance to brute-force password cracking (should the keys be stolen). In this case -a 100 round is used. |
-t <type> |
Specifies the type of the key to create. The possible values are “dsa”, “ecdsa”, “ed25519”, or “rsa”. Here we use -t ed25519 |
-f <path/filename> |
Specifies the name & location of the generated key file. If you want it to be discovered automatically by the SSH agent, it must be stored in the default ~/.ssh/ directory (windows : $env:USERPROFILE\.ssh\) |
-C "<comments>" |
An option to specify a comment. It’s purely informational and can be anything. But it’s usually filled with <login>@<hostname> for whom this key is generated . The comment is truncated after 1023 characters. |