La commande ssh-keygen sert à créer une paire de clés. Avant de lancer la commande, vérifiez si vous n'avez pas déjà une paire de clés. Les clés se trouvent dans le répertoire .ssh/ dans votre répertoire principal. Le nom par défaut de la clé privée est id_rsa; celui de la clé publique est id_rsa.pub. La commande

ssh-keygen -b 2048 -t rsa

produira un résultat semblable à ceci :

Generating public/private rsa key pair.
Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ubuntu/.ssh/id_rsa.
Your public key has been saved in /home/ubuntu/.ssh/id_rsa.pub.
The key fingerprint is:
ef:87:b5:b1:4d:7e:69:95:3f:62:f5:0d:c0:7b:f1:5e ubuntu@test-key
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|           .     |
|            o .  |
|        S    o o.|
|         .  + +oE|
|          .o O.oB|
|         .. +oo+*|
|          ... o..|
+-----------------+

when prompted you should enter a passphrase. If you already have a key pair saved with the default names you may wish to enter a file name for the saved keys so as not to overwrite an existing key pair.

Connecting using a Key Pair

Once your key pair has been created copy the public key (the /home/ubuntu/.ssh/id_rsa.pub key file in the above on your local machine) to the /home/USERNAME/.ssh/authorized_keys file on the server you wish to connect to. If you had to create the file /home/USERNAME/.ssh/authorized_keys ensure the file authorize_keys and directory .ssh have the correct permissions with chmod 600 ~/.ssh/authorized_keys and chmod 700 ~/.ssh respectively.

Finally test the new key by sshing to the remote machine from the local machine with

ssh -i /home/ubuntu/.ssh/id_rsa USERNAME@ADDRESS

where /home/ubuntu/.ssh/id_rsa specifies your private key file and USERNAME is the user name on the remote machine, and ADDRESS is the address of the remote machine.