I've been asked to provide my SSH public key for access to a shared server. How do I generate one and what do I send?
If you don't already have a key pair, generate one (one-time, per
machine you'll connect from):
ssh-keygen -t ed25519 -C "your-name@your-institution"
# accept the default location (~/.ssh/id_ed25519)
# set a passphrase (recommended) — this protects the key on disk
This creates two files:
~/.ssh/id_ed25519— private key. Never share this.
Treat it like a password.~/.ssh/id_ed25519.pub— public key. This is what you send
to the admin.
Send the contents of the .pub file (it's a single line starting
with ssh-ed25519 ...) in your helpdesk ticket. Paste it inline;
do not attach as a file unless asked.
Once the admin adds your key, test the connection with verbose
output:
ssh -vv -p <port> <username>@<host>
If login fails, paste the last ~30 lines of the ssh -vv output
into the ticket — that's usually enough to diagnose the problem
(wrong port, wrong username, server config, key permissions on
your side, etc.).
Security notes:
- If you had an RSA key from before 2020, regenerate as
ed25519
— shorter, faster, and the modern default. - Set strict permissions on the private key:
chmod 600 ~/.ssh/id_ed25519. SSH refuses to use the key if
it's world-readable. - A single key pair can authorise you to many servers — no need
to generate a new one per server.