
Public and Private SSH Key generation for SFTP connection

Generate key pair on a Windows system.

1. Download PuTTYgen.exe from https://www.puttygen.com/download-putty

2. To open PuTTYgen, go to Windows -> Start Menu -> All Programs -> PuTTY -> PuTTYgen.

3. You will see the PuTTY Key Generator dialog box on your screen (as below)

4. You will find a “Generate” button in that dialog. Click it to generate the key pair.

Classification: Public
5. After clicking the “Generate”-button, move the mouse randomly to generate the pair.

6. Once the key generation is completed, click on “Save private key” to save the private key in PPK
format (which is default).
Or alternatively, click on “Conversions” and then “Export OpenSSH key” to save the key in PEM
format. This private key needs to be installed on your system.

Note: You will be prompted with this warning. It is not mandatory to enter a passphrase, so just
click “Yes”.

7. Now click on “Save public key” to save the public key that will be shared with Maersk.

In “Type of key to generate:”, select RSA, ECDSA or ED25519

Do NOT choose “SSH-1 (RSA)” or “DSA”

8. Please save the public key on your local system and send it to your Maersk responsible as an
attachment in mail.

Note that you might have to rename the public key file, e.g. with a “.TXT” extension, for your mail client to accept
the attachment.

Generating key pair on a Linux system.

1. Run the following command from a Linux terminal:


ssh-keygen -t rsa -b 2048

You will get the below message:

2. Then you will be prompted as below:

3. Enter a desired name for the key file, for example “key”, and press Enter.

4. Enter a password to protect your key, or just press Enter to not set any password:

5. You will get two files:

key → This is your private key. This needs to be installed on your system.
key.pub → Share this file with your Maersk responsible by mail.

List of recommended and deprecated encryption algorithms

Public Key Handling:

1 ecdsa-sha2-nistp256 Recommended
2 ecdsa-sha2-nistp384 Recommended
3 ecdsa-sha2-nistp521 Recommended
4 ecdsa-sha2-nistp521-cert-v01@openssh.com Recommended
5 rsa-sha2-512 Recommended
6 x509v3-ecdsa-sha2-nistp384 Recommended
7 rsa-sha2-256 Recommended
8 ssh-ed25519-cert-v01@openssh.com Recommended
9 x509v3-rsa2048-sha256 Recommended
10 ecdsa-sha2-nistp256-cert-v01@openssh.com Recommended
11 ecdsa-sha2-nistp384-cert-v01@openssh.com Recommended
12 x509v3-ecdsa-sha2-nistp256 Recommended
13 ssh-ed25519 Recommended
14 x509v3-ecdsa-sha2-nistp521 Recommended
15 ssh-rsa Deprecated
16 ssh-dss Deprecated
17 x509v3-sign-rsa-sha1 Deprecated
18 ssh-dss-cert-v01@openssh.com Deprecated
19 x509v3-ssh-dss Deprecated
20 x509v3-sign-rsa Deprecated
21 x509v3-sign-dss Deprecated
22 x509v3-ssh-rsa Deprecated
23 ssh-rsa-cert-v01@openssh.com Deprecated

Key Exchanges:

1 diffie-hellman-group-exchange-sha256 Recommended
2 ecdh-sha2-nistp256 Recommended
3 ecdh-sha2-nistp384 Recommended
4 ecdh-sha2-nistp521 Recommended
5 diffie-hellman-group18-sha512 Recommended
6 diffie-hellman-group15-sha512 Recommended
7 diffie-hellman-group17-sha512 Recommended
8 diffie-hellman-group16-sha512 Recommended
9 rsa2048-sha256 Recommended

10 diffie-hellman-group14-sha256 Recommended
11 curve25519-sha256@libssh.org Recommended
12 curve25519-sha256 Recommended
13 diffie-hellman-group14-sha1 Deprecated
14 diffie-hellman-group-exchange-sha1 Deprecated
15 diffie-hellman-group1-sha1 Deprecated
16 rsa1024-sha1 Deprecated

Ciphers:

1 aes256-ctr Recommended
2 aes192-ctr Recommended
3 aes128-ctr Recommended
4 aes256-gcm@openssh.com Recommended
5 chacha20-poly1305@openssh.com Recommended
6 aes128-gcm@openssh.com Recommended
7 3des-ctr Deprecated
8 aes256-cbc Deprecated
9 aes192-cbc Deprecated
10 aes128-cbc Deprecated
11 3des-cbc Deprecated
12 blowfish-cbc Deprecated
13 arcfour256 Deprecated
14 arcfour128 Deprecated
15 arcfour Deprecated

HMACs:

1 hmac-sha2-512-etm@openssh.com Recommended
2 hmac-sha2-256-etm@openssh.com Recommended
3 hmac-sha2-512 Recommended
4 hmac-sha2-256 Recommended
5 hmac-sha2-512-96 Recommended
6 hmac-sha2-256-96 Recommended
7 hmac-sha1-etm@openssh.com Deprecated
8 hmac-md5-etm@openssh.com Deprecated
9 hmac-sha1 Deprecated
10 hmac-sha1-96 Deprecated
11 hmac-md5 Deprecated
12 hmac-md5-96 Deprecated
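
To check a Linux SFTP client against the four lists above, the following added example (not part of the original guide) parses the output of "ssh -G <host>", which prints OpenSSH's effective client configuration, and reports every configured algorithm that the lists mark as Deprecated. The sample output and its host name are constructed for illustration.

```python
# Deprecated public key algorithms, copied from "Public Key Handling" above.
PUBKEY = {
    "ssh-rsa", "ssh-dss", "ssh-rsa-cert-v01@openssh.com",
    "ssh-dss-cert-v01@openssh.com", "x509v3-sign-rsa-sha1", "x509v3-ssh-dss",
    "x509v3-sign-rsa", "x509v3-sign-dss", "x509v3-ssh-rsa",
}
# Keyed by the lowercase option name that `ssh -G` prints for each list.
DEPRECATED = {
    "hostkeyalgorithms": PUBKEY,
    "pubkeyacceptedalgorithms": PUBKEY,
    "pubkeyacceptedkeytypes": PUBKEY,  # option name in older OpenSSH releases
    "kexalgorithms": {
        "diffie-hellman-group14-sha1", "diffie-hellman-group-exchange-sha1",
        "diffie-hellman-group1-sha1", "rsa1024-sha1",
    },
    "ciphers": {
        "3des-ctr", "aes256-cbc", "aes192-cbc", "aes128-cbc", "3des-cbc",
        "blowfish-cbc", "arcfour256", "arcfour128", "arcfour",
    },
    "macs": {
        "hmac-sha1-etm@openssh.com", "hmac-md5-etm@openssh.com", "hmac-sha1",
        "hmac-sha1-96", "hmac-md5", "hmac-md5-96",
    },
}

def audit(ssh_g_output):
    """Return (option, algorithm) pairs that the lists above mark Deprecated."""
    findings = []
    for line in ssh_g_output.splitlines():
        option, _, value = line.strip().partition(" ")
        deprecated = DEPRECATED.get(option.lower(), set())
        for name in (n.strip() for n in value.split(",")):
            if name in deprecated:
                findings.append((option.lower(), name))
    return findings

# Constructed sample of `ssh -G` output; the host name is a placeholder.
SAMPLE = """\
hostname sftp.example.invalid
ciphers aes256-ctr,aes128-cbc,chacha20-poly1305@openssh.com
macs hmac-sha2-256-etm@openssh.com,hmac-sha1
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha1
hostkeyalgorithms ssh-ed25519,rsa-sha2-512,ssh-rsa
pubkeyacceptedalgorithms ssh-ed25519,rsa-sha2-256
"""

if __name__ == "__main__":
    for option, name in audit(SAMPLE):
        print(f"{option}: {name} is deprecated")
```

A finding for ssh-rsa refers to the signature algorithm that uses SHA-1, not to RSA keys as such: an RSA key pair generated as in the Linux steps above can still authenticate with rsa-sha2-256 or rsa-sha2-512.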
