Python for Entrepreneurs Transcripts
Chapter: Source Control and Git
Lecture: SSH Key Management in Linux and macOS
0:01 In this video, we're going to use the ssh-keygen tool,
0:04 on Linux and Mac OS X, in order to generate our public and private SSH keys.
0:09 we've shifted over into the command line,
0:11 and we're going to use the ssh-keygen application.
0:15 But before we do that, I want to introduce the "man" command,
0:18 "man" is for manual, so if we type "man ssh-keygen", it will give us all the parameters
0:22 and some contextual information about using the ssh-keygen application,
0:27 if you are ever wondering which arguments you should be using with the command,
0:30 use the "man" command in order to take a look
0:35 at what that command is that you are going to be using.
0:37 Now, we can use the ssh-keygen command and we pass it two parameters,
0:41 the first is "-t", so we're specifying what type of key we want to create,
0:45 and pass an "rsa" for the RSA type, and we'll pass on the number of bits
0:49 that we want for our key, we'll say 2048,
0:52 now 2048 should be the default and most systems
0:54 but we want to manually specify that, just in case,
0:56 by default on some systems is less than that,
0:58 we want to make sure it's a strong key that is unbreakable by current technology.
1:03 And when we press Enter, it's going to ask us: "Where do you want to save this key?"
1:06 You could save it under your default .ssh subdirectory, which is under home,
1:10 but we're going to specify right here, I typically like to take a look
1:13 at the files after they're generated,
1:15 and we'll call it ./entrepreneurs, by specifying the period and forward slash,
1:19 we are going to save it in the current directory.
1:20 This is up to you, if you want to use a passphrase,
1:22 I typically use a pass phrase on most of my key pairs,
1:27 it depends on whether I'm using them for automated deployments or not,
1:29 anything where I need to automate it I will typically not have a passphrase,
1:33 but for my development keys I typically do have a passphrase,
1:36 just in case that key somehow wherever did get lost.
1:39 So in this case, I won't put in a passphrase but typically I will
1:42 and it's going to be up to you whether you want to do that or not.
1:44 I would recommend for your development purposes have a passphrase
1:48 and then anything that you're doing with deployments, you don't need a passphrase.
1:51 Our key has been generated, and there is two files that are created here,
1:54 the first one is a .pub and a .pub file is a public key,
1:59 the one without .pub is our private key.
2:02 These are plain text files we can take a look at whichever one we want,
2:06 and it will actually show us the inside of the file,
2:08 when you want to upload a public key, you can just copy this bit of text
2:12 and then paste it where it needs to go.
2:14 The other key that's been generated is our private key,
2:16 now typically we would not want to share this private key with anyone,
2:19 you can think of this as the only key that unlocks what has been encrypted
2:25 with your public key, so let's take a look now,
2:28 I normally wouldn't show my own private key but we'll take a look
2:31 of what's inside the private key file.
2:33 "BEGIN RSA PRIVATE KEY", it has very long hash
2:35 and then it'll have the end of the private key, again,
2:38 don't share that with anybody, but now you have the two files
2:41 that you need and we can plug them into GitHub
2:43 or when we need them for other purposes later,
2:45 so save these files somewhere safe, never share your private key
2:49 and you can actually have your public key out wherever you want.
2:52 We have just generated our public and private keys using the ssh-keygen application.