🔑 Forge Your Digital Key: Creating Secure SSH Keys!
Welcome back, Git Masters! We’ve got our awesome, secure CentOS Stream 9 server humming, but to use it, we need the right credentials. Forget passwords—we’re using SSH Keys, which are far more secure and convenient!
If you were running into errors earlier, it means you might not have a key yet, or you’re not using the correct filename. No worries! We’re going to use the best practice key type, Ed25519, to generate a brand-new, blazing-fast key pair on your machine, whether it’s Windows, Mac, or Linux!
Let’s make some digital keys! 🗝️
đź’» Step 1: Open Your Terminal (The Universal Tool)
You’ll run the exact same command regardless of your operating system, thanks to the OpenSSH client being built into Windows 11, macOS, and Linux distributions.
| Your OS | Program to Open |
| Windows 11 | PowerShell or Command Prompt |
| macOS | Terminal |
| Linux | Terminal (Bash, Zsh, etc.) |
🛠️ Step 2: Generate the Ed25519 Key Pair
We use the ssh-keygen utility with the flag for the Ed25519 key type, which is the modern standard for security and speed.
Run this command, replacing the email with your own email address or a descriptive label—this just serves as a comment to identify the key later:
Bash
ssh-keygen -t ed25519 -C "your_email@example.com"
What happens next?
- “Enter file in which to save the key…”
- Action: Press Enter to accept the default location:
~/.ssh/id_ed25519. This is the standard place your client will look for the key! - Warning: If you see a warning about the file already existing, you may want to enter a new name (e.g.,
~/.ssh/git_server_key) instead of overwriting your existing key.
- Action: Press Enter to accept the default location:
- “Enter passphrase (empty for no passphrase):”
- Action (Recommended): Enter a strong passphrase. This is a password for your private key. It encrypts the key on your local drive so if your laptop is stolen, the key can’t be used without this extra password. You’ll be prompted to enter it again to confirm.
- Note: If you use a passphrase, you may have to enter it when you first push code. Most modern systems use an SSH Agent to remember it for your session.
Once complete, you’ll see a message like:
Your identification has been saved in /home/user/.ssh/id_ed25519.
Your public key has been saved in /home/user/.ssh/id_ed25519.pub.
đź“Ž Step 3: Copy the Public Key (The File You Share)
You generated two files:
id_ed25519: Private Key (Keep Secret!)id_ed25519.pub: Public Key (This is the file you need to copy to your Git server!)
Here are the super-fast ways to copy the public key’s content to your clipboard, ready for pasting into the CentOS server’s authorized_keys file:
🍏 Mac/Linux
Bash
cat ~/.ssh/id_ed25519.pub | pbcopy
(pbcopy is the macOS command. On Linux, you might need to use xclip or xsel.)
🪟 Windows (PowerShell)
PowerShell
type $env:USERPROFILE\.ssh\id_ed25519.pub | clip
🥳 What’s Next? Finalizing the Server!
With your key now copied, jump back to your CentOS terminal (remember, you were the git user when you opened the authorized_keys file):
- Paste the entire key (it starts with
ssh-ed25519 ...) into the~/.ssh/authorized_keysfile. - Save and exit the file.
- Go to your local project directory and run that glorious clone command again!
Bash
git clone git@<Your-Server-IP>:/srv/git/my_awesome_project.git
CONGRATULATIONS! You are now using a modern, secure SSH key to connect to your own Git server. What a fantastic accomplishment!