Creating a Key Pair
Instances use an SSH key pair instead of a password to authenticate a remote user. A key pair file contains a private key and public key. You keep the private key on your computer and provide the public key every time you launch an instance.
To create key pairs, you can use a third-party tool such as OpenSSH on UNIX-style systems (including Linux, Solaris, BSD, and OS X) or PuTTY Key Generator on Windows.
Before You Begin
- If you already have an SSH-2 RSA key pair, you can use your existing pair and skip this step. Proceed to Choosing a Compartment.
- If you're using a Linux distribution, you probably already have the
ssh-keygenutility installed. To determine if it's installed, type
ssh-keygenon the command line. If it's not installed, you can download OpenSSH for UNIX from http://www.openssh.com/portable.html and install it.
- If you're using Windows and you don't already have the PuTTY Key Generator, download it from http://www.putty.org and install it.
Creating a Key Pair
- Open a shell or terminal for entering the commands.
At the prompt, enter
ssh-keygenand provide a name and passphrase when prompted.
The keys will be created with the default values: RSA keys of 2048 bits.
Alternatively, you can type a complete
ssh-keygen command, for example:
ssh-keygen -t rsa -N "" -b 2048 -C "<key_name>" -f <path/root_name>
The command arguments are shown in the following table:
||Use the RSA algorithm.|
A passphrase to protect the use of the key (like a password). If you don't want to set a passphrase, don't enter anything between the quotes.
A passphrase is not required. You can specify one as a security measure to protect the private key from unauthorized use.
Generate a 2048-bit key. You don't have to set this if 2048 is acceptable, as 2048 is the default.
A minimum of 2048 bits is recommended for SSH-2 RSA.
||A name to identify the key.|
||The location where the key pair will be saved and the root name for the files.|
puttygen.exeto open it.
Accept the default key type of SSH-2 RSA and set the Number of bits in a generated key to 2048 if it is not already set.
The options you see may not match the example image, but the default key type is typically what you need. For example, another version of PuTTY Key Generator uses the default Parameters option of RSA, with the default Key menu option of SSH-2 RSA key.
- Click Generate.
Move your mouse around the blank area to generate random data in the key, as shown below.
(The red line in the following image is for illustration purposes only. It doesn't appear in the generator pane as you move the mouse.)
The generated key appears under Public key for pasting into OpenSSH authorized_keys file.
- The Key comment is generated for you, including the date and time stamp. You can keep generated key comment or overtype it with your own more descriptive comment.
- Leave the Key passphrase blank.
- Click Save private key to save the key pair and then click Yes in the prompt about saving the key without a passphrase.
The key pair is saved in the PuTTY Private Key (PPK) format, which is a proprietary format that works only with the PuTTY tool set.
You can call the key anything you want, but use the
ppkfile extension, for example,
- Select all of the generated key that appears under Public key for pasting into OpenSSH authorized_keys file, copy it, paste it into a text file, and then save the file in the same location as the private key.
(Do not use Save public key because it does not save the key in the OpenSSH format.)
You can call the key anything you want, but for consistency, use the same name as the private key and a file extension of
pub, for example,
- Write down the names and location of your public and private key files. You will need the public key when launching an instance. You will need the private key to access the instance via SSH.
Now that you have a key pair, continue on with Choosing a Compartment.