<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=348068&amp;fmt=gif">
Couchdrop
Book a demo
Platform
Integrations
Resources
Pricing Security Support Company

How to generate an SSH key in Linux

Posted on Sep 19, 2025 • Updated on Sep 19, 2025

SFTP uses SSH keys to establish a secure connection, but you can add further security by requiring that users connect to remote systems by authenticating with an SSH key pair, which can be generated directly from a Terminal. 

Asymmetric SSH keys for SFTP 

When used for authentication, SSH keys are asymmetric, meaning that the keys are used for a singular purpose instead of the same key being used for both encryption and decryption. The two keys that are generated in the pair are a private key and a public key. 

Public keys are used for encrypting and are shared with the server/machine that the user wants to connect to. 

Private keys are used for decrypting, and in the case of SSH keys for SFTP, help to identify a unique user for authentication, and as a result should never be shared. 

When attempting to connect to a remote server that requires key-based authentication, the server uses the public key to generate a challenge that can only be solved by the private key of the same pair. This lets users prove their identity without ever having to transmit the private key itself. 

For additional protection, passphrases can be added to private keys. While it's easiest to specify the passphrase during the key generation process, it can also be added afterward.  

Keys generated by a Linux Terminal are stored as text files locally. Usually, they will be stored in the .ssh directory or saved in the client you are using to connect. 

How to create an SSH key in Linux 

Creating an SSH key in Linux involves generating the key from a Terminal and then sharing/adding the saved public key to any machine/server you want to connect to. 

Opening the terminal

Start by opening up a terminal. 

Once you've opened Terminal, run the command ssh-keygen. We recommend adding additional options as below: 

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

  • -t rsa > Specifies the key type as RSA
  • -b 4096 > Sets the key length to 4096 bits, which is more secure than the default 2048 bits. 
  • -C > Adds a label (usually your email) for identification.

Saving the key

After entering the command, you'll be asked where to save the keys. By default, keys will be saved to (/home/name/.ssh/id_rsa), but you can specify a different path if you want to save them elsewhere. 

You'll then be asked to enter a password. Hitting enter again will create a key with no passphrase. 

As soon as the key is generated, the key fingerprint will be shown along with a randomart image. This image is an ASCII art representation of the key and can be used to quickly check if the key is correct by checking that the images match.

Sharing the Public Key

Once the keys are generated, you need to share the public key. Typically, this will be done by pasting the contents of the key file or directly uploading the file to the server. 

Using SSH key authentication in Couchdrop

In Couchdrop, you can configure an SFTP user to use Public Key Authentication in the Users panel of the Admin console. 

To add this to a user, select the user and ensure they're allowed to connect via SFTP. With this checkbox is the option to configure public key authentication. Paste the Public Key here. There is also the option to enforce key usage, but note that this isn't supported by all SFTP clients. 

When that user connects, they'll then add the corresponding Private Key, which will be checked during authentication.