Home Compute Managing SSH Keys

Managing SSH Keys

Last updated on Aug 30, 2024

Generate and Add SSH Key

About SSH Keys

SSH key, or Secure Shell key, is a cryptographic key pair used for securely authenticating and encrypting communication between two entities in a Secure Shell (SSH) protocol-based system, such as remote access to a server or a Git repository. SSH is a widely used protocol for securely connecting to and managing remote servers over a network.

An SSH key pair consists of two keys: a private key and a public key. The private key is kept secret and is known only to the owner, while the public key is shared with other parties. When a client initiates an SSH connection to a server, the server requests the client to authenticate using a key pair. The client uses its private key to generate a digital signature, which is sent to the server along with the public key. The server then uses the public key to verify the digital signature, and if it matches, the client is granted access.

RSA vs ED2519

RSA and Ed25519 are two different types of cryptographic key pairs used in SSH for secure communication and authentication. Here are the key differences between RSA and Ed25519 key pairs:

Algorithm:

RSA (Rivest-Shamir-Adleman) is a widely used asymmetric encryption algorithm, while Ed25519 is a newer elliptic curve cryptography (ECC) algorithm.

Key Size:

RSA key pairs typically have larger key sizes, such as 2048 bits or 4096 bits, while Ed25519 key pairs have a fixed key size of 256 bits. This means that RSA keys are generally larger and require more computational resources for key generation, encryption, and decryption compared to Ed25519 keys.

Security:

Both RSA and Ed25519 are considered secure for most purposes. However, Ed25519 is generally considered to provide stronger security with smaller key sizes compared to RSA, due to the use of elliptic curve cryptography, which offers higher security levels with shorter key lengths. RSA is susceptible to attacks such as factorization, while Ed25519 is designed to be resistant to various cryptographic attacks.

Performance:

Ed25519 is known for its faster performance compared to RSA, as it requires less computational resources for key generation, encryption, and decryption. This makes Ed25519 more efficient for use in resource-constrained environments, such as embedded systems or high-traffic networks.

Compatibility:

RSA is more widely supported and compatible with older systems and software, as it has been in use for a longer time. Ed25519, being a newer algorithm, may not be supported by all SSH implementations or older systems. However, most modern SSH clients and servers support Ed25519, and it is gaining wider adoption in recent years.

Key Management:

RSA keys are typically managed using the ssh-keygen tool, which is available on most operating systems. Ed25519 keys can also be generated using ssh-keygen, but it may require a newer version of the tool that supports ECC algorithms. Additionally, RSA keys often require regular key size updates for maintaining strong security, while Ed25519 keys are fixed at 256 bits.

In summary, RSA and Ed25519 are both commonly used for SSH key-based authentication, but they differ in terms of algorithm, key size, security, performance, compatibility, and key management. The choice between RSA and Ed25519 depends on the specific use case, security requirements, and compatibility considerations of the system or network being used.

Generating SSH Keys

Generating SSH Keys using Terminal/CMD Prompt

Here are two ways to generate an SSH key for use within the American Cloud Cloud Management Platform (CMP).

Generate within the terminal or cmd prompt using the following commands:

Terminal or CMD Prompt

Open a terminal or cmd prompt on your local machine.

Run Commands

Run the command to generate rsa and/or ed2519 keys

  • RSA
ssh-keygen -t rsa -b 4096 -C "[email protected]"
  • Ed2519
ssh-keygen -t ed25519 -C "[email protected]"

Using AC Key Generator

  • The American Cloud CMP offers a convenient toggle that automatically generates and saves an SSH key. This feature simplifies the process of creating an SSH key for use within the platform. Here's how it typically works:

  1. In the left pane select 'Account'

  2. On the user dashboard select 'Security' Tab

  3. Select 'SSH Key'

  4. Select 'Generate Keypair'

  5. Save the newly Generated key pair to the local PC.

  • Once key has been generated and saved, it will be displayed within the profile section and ready for use with new instances.

Placing Pre-generated Keys

  • The American Cloud CMP also offers the ability to place pre-built keys. Below are the steps to accomplish this:

  1. In the left pane select 'Account'

  2. Choose the 'Security' tab and then select 'SSH Key'

  3. Select 'Upload SSH Key'

  4. Add the new SSH key and select 'Add New SSH Key'

  • Once uploaded the key will populate within the list of available keys and is ready for use.