How to Set Up and Use SSH
Step 3 — User Work with SSH Keys

Protect the Accounts

If you haven't done it yet, now would be a good time to disable all unneeded accounts and make sure that all accounts still in use have strong passwords. Attackers are trying constantly to guess passwords. See the earlier section for details.

Create the Keys

The user needs to generate SSH public/private key pairs. Use the following command sequence. Provide a strong passphrase, since security rests on this being extremely difficult to guess. Unless you really want to greatly confuse and inconvenience yourself, use the same passphrase for all key pairs! Accept the default locations for key storage:

$ cd ~/.ssh
$ ssh-keygen -t rsa
$ ssh-keygen -t ecdsa -b 521
$ ssh-keygen -t ed25519
$ sort -u authorized_keys *.pub -o authorized_keys
$ chmod 644 authorized_keys

The sort command will retain any other keys already in your authorized_keys file. Permission mode matters on that file, the SSH daemon will refuse to pay attention to files with inappropriate permission settings.

Stay Up To Date

The above command sequence did not generate a DSA key pair, also called SSH-DSS. OpenSSH 7.0 dropped support for DSS. Yes, ssh-keygen can create DSS key pairs, and you can configure an SSH server to accept those keys, but you don't want to do that.

Stay up to date. Use trusted cryptography.

Here's what the above sequence generated:

2048-bit RSA key pair. With OpenSSH 7.0 and later, ssh-keygen generates 2048-bit RSA key pairs by default. You could specify -b 4096, but 2048 bits is considered strong enough today.

521-bit ECDSA key pair. Yes, that's really 521 and not 512! A simple answer is "Because that's what everyone does." To be official, the P521 elliptic curve is specified by NIST. The mathematical reason behind that is that 2²⁵¹ - 1 is a Mersenne prime.

256-bit Ed25519 key pair. That's another elliptic curve system, considered to be as strong as RSA with a roughly 3000-bit key, and thought to be stronger than 521-bit ECDSA. See the SafeCurves web page for comparison of elliptic curve systems, including how Curve25519 is more trusted than the NIST P521.

For much more discussion on why DSA was dropped and the relative security of RSA, ECDSA (P521), and Ed25519 (Curve25519), see:
StackExchange 5096 StackExchange 23383 StackExchange 50878

Distribute the Keys

Once those keys are generated, the entire directory ~/.ssh must be copied into place on all systems. If you are using NFS and automounting, this is already done! If you are not, then the administrator might need to get involved briefly.

At every login, if keychain is installed the user will be prompted for their password. If not, the user simply runs this command:

$ ssh-add

Type your SSH key passphrase (what you typed back when you generated the keys). Now everything is automatic! Commands like ssh, scp, and sftp automatically authenticate with keys without any password-typing by you!

Test it like this:

$ ssh-add -l
2048 SHA256:iPhC3AyXUos7/1aaO4qeoEJcb0bp4SAv0fmpjih9tC8 /home/cromwell/.ssh/id_rsa (RSA)
521 SHA256:TGjRDHyS+OLaYWDct7G7NZN1k+vSS2R9PJcOBkfCmKE /home/cromwell/.ssh/id_ecdsa (ECDSA)
256 SHA256:+o3rP/Mz5bpp+Vwj3XuOsO6zeT1gnwrcutKiRuHD3jM cromwell@kc9rg.org (ED25519)