Creating a Key Pair
Instances use an SSH key pair instead of a password to authenticate a remote user. A key pair file contains a private key and public key. You keep the private key on your computer and provide the public key every time you launch an instance.
To create key pairs, you can use a third-party tool such as OpenSSH on UNIX-style systems (including Linux, Solaris, BSD, and OS X) or PuTTY Key Generator on Windows.
Before You Begin
- If you already have an SSH-2 RSA key pair, you can use your existing pair and skip this step. Proceed to Choosing a Compartment.
- If you're using a Linux distribution, you probably already have the
ssh-keygenutility installed. To determine if it's installed, type
ssh-keygenon the command line. If it's not installed, you can download OpenSSH for UNIX from http://www.openssh.com/portable.html and install it.
- If you're using Windows and you don't already have the PuTTY Key Generator, download it from http://www.putty.org and install it.
Creating a Key Pair
- Open a shell or terminal for entering the commands.
At the prompt, enter
ssh-keygenand provide a name and passphrase when prompted.
The keys will be created with the default values: RSA keys of 2048 bits.
Alternatively, you can type a complete
ssh-keygen command, for example:
ssh-keygen -t rsa -N "" -b 2048 -C "<key_name>" -f <path/root_name>
The command arguments are shown in the following table:
||Use the RSA algorithm.|
A passphrase to protect the use of the key (like a password). If you don't want to set a passphrase, don't enter anything between the quotes.
A passphrase is not required. You can specify one as a security measure to protect the private key from unauthorized use.
Generate a 2048-bit key. You don't have to set this if 2048 is acceptable, as 2048 is the default.
A minimum of 2048 bits is recommended for SSH-2 RSA.
||A name to identify the key.|
||The location where the key pair will be saved and the root name for the files.|
puttygen.exein the PuTTY folder on your computer, for example,
C:\Program Files (x86)\PuTTY. Double-click
puttygen.exeto open it.
Specify a key type of SSH-2 RSA and a key size of 2048 bits:
- In the Key menu, confirm that the default value of SSH-2 RSA key is selected.
- For the Type of key to generate, accept the default key type of RSA.
- Set the Number of bits in a generated key to 2048 if it is not already set.
- Click Generate.
Move your mouse around the blank area in the PuTTY window to generate random data in the key.
When the key is generated, it appears under Public key for pasting into OpenSSH authorized_keys file.
- A Key comment is generated for you, including the date and time stamp. You can keep the default comment or replace it with your own more descriptive comment.
- Leave the Key passphrase field blank.
Click Save private key, and then click Yes in the prompt about saving the key without a passphrase.
The key pair is saved in the PuTTY Private Key (PPK) format, which is a proprietary format that works only with the PuTTY tool set.
You can name the key anything you want, but use the
ppkfile extension. For example,
Select all of the generated key that appears under Public key for pasting into OpenSSH authorized_keys file, copy it using Ctrl + C, paste it into a text file, and then save the file in the same location as the private key.
(Do not use Save public key because it does not save the key in the OpenSSH format.)
You can name the key anything you want, but for consistency, use the same name as the private key and a file extension of
pub. For example,
- Write down the names and location of your public and private key files. You will need the public key when launching an instance. You will need the private key to access the instance via SSH.
Now that you have a key pair, continue on with Choosing a Compartment.