Python for Entrepreneurs Transcripts
Chapter: Source Control and Git
Lecture: SSH Key Management in Linux and macOS

Login or purchase this course to watch this video and the rest of the course contents.
0:01 In this video, we're going to use the ssh-keygen tool, on Linux and macOS X, in order to generate our public and private SSH keys.
0:10 we've shifted over into the command line, and we're going to use the ssh-keygen application.
0:16 But before we do that, I want to introduce the "man" command, "man" is for manual, so if we type "man ssh-keygen", it will give us all the parameters
0:23 and some contextual information about using the ssh-keygen application, if you are ever wondering which arguments you should be using with the command,
0:31 use the "man" command in order to take a look at what that command is that you are going to be using.
0:38 Now, we can use the ssh-keygen command and we pass it two parameters, the first is "-t", so we're specifying what type of key we want to create,
0:46 and pass an "rsa" for the RSA type, and we'll pass on the number of bits that we want for our key, we'll say 2048,
0:53 now 2048 should be the default and most systems but we want to manually specify that, just in case, by default on some systems is less than that,
0:59 we want to make sure it's a strong key that is unbreakable by current technology.
1:04 And when we press Enter, it's going to ask us: "Where do you want to save this key?"
1:07 You could save it under your default .ssh subdirectory, which is under home, but we're going to specify right here, I typically like to take a look
1:14 at the files after they're generated, and we'll call it ./entrepreneurs, by specifying the period and forward slash,
1:20 we are going to save it in the current directory. This is up to you, if you want to use a passphrase,
1:23 I typically use a pass phrase on most of my key pairs, it depends on whether I'm using them for automated deployments or not,
1:30 anything where I need to automate it I will typically not have a passphrase, but for my development keys I typically do have a passphrase,
1:37 just in case that key somehow wherever did get lost. So in this case, I won't put in a passphrase but typically I will
1:43 and it's going to be up to you whether you want to do that or not. I would recommend for your development purposes have a passphrase
1:49 and then anything that you're doing with deployments, you don't need a passphrase.
1:52 Our key has been generated, and there is two files that are created here, the first one is a .pub and a .pub file is a public key,
2:00 the one without .pub is our private key. These are plain text files we can take a look at whichever one we want,
2:07 and it will actually show us the inside of the file, when you want to upload a public key, you can just copy this bit of text
2:13 and then paste it where it needs to go. The other key that's been generated is our private key,
2:17 now typically we would not want to share this private key with anyone, you can think of this as the only key that unlocks what has been encrypted
2:26 with your public key, so let's take a look now, I normally wouldn't show my own private key but we'll take a look
2:32 of what's inside the private key file. "BEGIN RSA PRIVATE KEY", it has very long hash and then it'll have the end of the private key, again,
2:39 don't share that with anybody, but now you have the two files that you need and we can plug them into GitHub
2:44 or when we need them for other purposes later, so save these files somewhere safe, never share your private key
2:50 and you can actually have your public key out wherever you want. We have just generated our public and private keys using the ssh-keygen application.

Talk Python's Mastodon Michael Kennedy's Mastodon