How to Generate OpenSSL RSA Key Pair on Linux Cloud Server

< Back to the Title Topic

How to Generate OpenSSL RSA Key Pair on Linux Cloud Server


This tutorial will guide you on how to generate your own key pair used for SSH authentication and optionally disable the default generated key pair.


Login to your Linux instance via SSH using the default user. We will be using PuTTY as our SSH client for this tutorial.


Notice that “centos” is shown here in this tutorial as the default login user and path because this instance is running on the CentOS image. The default user and path will differ based on the image of your choice.

Ubuntu Image – “ubuntu” default user

Debian Image – “debian” default user

CentOS Image – “centos” default user


Step 1: Login to your Linux instance via PuTTY.

Step 2: In the terminal/command line, enter “ssh-keygen“. Take note that the private key generated with this command will be in the .pem format, you might need to convert the private key to other formats in order to be compatible with your SSH client.

Step 3: Specify the filename for your keypair (eg: /home/centos/mykey), or leave it empty to save your key to the default path.

Step 4: (Optional) Specify the passphrase for your key.

Step 5: Add your generated public key to the “authorized_keys” file to allow SSH to be authenticated using the generated key pair. Enter “cat /path/to/your/ >> /home/centos/.ssh/authorized_keys” in the terminal/command line. Please substitute /path/to/your/ with the actual path specified when you generated your key pair in Step 3.

Step 6: (Optional) Remove the default key pair. Edit the “authorized_keys” file with your preferred editor, we will be using the “vi” text editor. Enter “vi /home/centos/.ssh/authorized_keys” in the terminal/command line.

Step 7: (Optional) Delete the default public key entry in the “authorized_keys” file and save the changes.

Step 8: Retrieve the generated private key and use them for your next SSH session. Enter “cat /path/to/your/key” in your terminal/command line and copy the private key content and save it with Notepad or TextEdit. You need to include the lines “—–BEGIN RSA PRIVATE KEY—–” and “—–END RSA PRIVATE KEY—–” when you copy.


You can also enable SSH password authentication and login as the root user by following this tutorial.

Previous How To Configure IIS To Listen On Specific IP Address
Next How to update/edit local hostfile in Mac OS