Options for key generation
When you generate a key the default settings are usually sufficient. However, here are a few options which may be of interest. We demonstrate these options here using
ssh-keygen as described in Using SSH keys in Linux, but the same options are available if you are using a graphical interface as described in Generating SSH keys in Windows.
- You can specify a comment for the key, which may be helpful if you have multiple keys:
ssh-keygen -C 'computecanada systems'
- You can choose the name of the key file:
ssh-keygen -F computecanada-key
This produces a file "computecanada-key" containing the private part, and "computecanada-key.pub" for the public part.
- There are sometimes reasons to choose a different key type (rather than the RSA default):
ssh-keygen -t ed25519
- You can strengthen certain key types, such as RSA, by setting a longer key length:
ssh-keygen -t rsa -b 4096