SSH public key authentication
Besides using username and password for authentication when connecting to remote host over SSH, public key authentication can also be used.
This article assumes both local computer and remote computer support Ed25519 key.
Generate authentication keys
Run the following:
ssh-keygen -t ed25519
The command above generates a Ed25519 key pair. You will be asked for the location of generated key pair files, and a passphase.
For example, if the private key is
generated public key is
The private key should be accessible by the key owner only. To change the file permission:
chmod 600 test.ed25519
The above command makes the private key readable and writable by the key owner only.
Add public key
Copy the public key to remote computer and add the public key to the file
for user authentication. By default, the file contains public keys is
~/.ssh/authorized_keys. On the remote computer,
assume the public key is
test.ed25519.pub, run the following:
cat test.ed25519.pub >> ~/.ssh/authorized_keys
Open SSH connection with private key
To open SSH connection with the generated private key, on local computer:
ssh -i test.ed25519 -p 22 email@example.com
-i switch indicates the identity file (i.e. the private
key) used for authentication. The
-p switch indicates the
port which the SSH server on remote computer listens on.
user with a real user on remote computer, and
example.com with the IP address or hostname of remote
If you provided a passphase when generating the key pair, you need to enter the passphase when connecting to the remote computer.