UNIX / Linux keyboard.

How to Set Up and Use SSH
Step 3 — User Work with SSH Keys

Protect the Accounts

If you haven't done it yet, now would be a good time to disable all unneeded accounts and make sure that all accounts still in use have strong passwords. Attackers are trying constantly to guess passwords. See the earlier section for details.

Create the Keys

The user needs to generate SSH public/private key pairs. Use the following command sequence. Provide a strong passphrase, since security rests on this being extremely difficult to guess. Unless you really want to greatly confuse and inconvenience yourself, use the same passphrase for all key pairs! Accept the default locations for key storage:

$ cd ~/.ssh
$ ssh-keygen -t rsa
$ ssh-keygen -t dsa
$ ssh-keygen -t ecdsa -b 521
$ ssh-keygen -t ed25519
$ sort -u authorized_keys *.pub -o authorized_keys
$ chmod 644 authorized_keys

The sort command will keep any other keys already in your authorized_keys file. Permission mode matters on that file, the SSH daemon will refuse to pay attention to files with inappropriate permission settings.

Distribute the Keys

Once those keys are generated, the entire directory ~/.ssh must be copied into place on all systems. If you are using NFS and automounting, this is already done! If you are not, then the administrator might need to get involved briefly.

At every login, if keychain is installed the user will be prompted for their password. If not, the user simply runs this command:

$ ssh-add

Type your SSH key passphrase (what you typed back when you generated the keys). Now everything is automatic! Commands like ssh, scp, and sftp automatically authenticate with keys without any password-typing by you!

Test it like this:

$ ssh-add -l
2048 SHA256:iPhC3AyXUos7/1aaO4qeoEJcb0bp4SAv0fmpjih9tC8 /home/cromwell/.ssh/id_rsa (RSA)
1024 SHA256:EsubOsP2kSMOoQJSHQ6+MKdwtD2SV54RJY/mlFeaouc /home/cromwell/.ssh/id_dsa (DSA)
521 SHA256:TGjRDHyS+OLaYWDct7G7NZN1k+vSS2R9PJcOBkfCmKE /home/cromwell/.ssh/id_ecdsa (ECDSA)
256 SHA256:+o3rP/Mz5bpp+Vwj3XuOsO6zeT1gnwrcutKiRuHD3jM cromwell@kc9rg.org (ED25519)