How to generate SSH key with Ed25519 signature

Ade Destrianto · Posted on

In this guide I will generate a SSH key with Ed25519 signature in CentOS 7.

Let’s begin.
1. Create a new user.
useradd someuser
2. Set the user’s password.
passwd someuser
3. Give the user an ability to elevate to root user. (Optional)
usermod -aG wheel someuser
4. Generate SSH key for the user with Ed25519 signature. (In this scenario SSH key use no passphrase)
ssh-keygen -t ed25519 -a 100 -C “someuser”

5. Install the generated public key on the server as an user’s authorized key, locally.
ssh-copy-id -i /root/.ssh/someuser.pub someuser@localhost

6. Test SSH to the server locally.
ssh -i /root/.ssh/someuser someuser@localhost

7. Configure SSH server to set Ed25519 host key only and refuse password authentication.
vi /etc/ssh/sshd_config
Give a comment (#) to all host keys except Ed25519.

Set PasswordAuthentication to no.

8. Download the generated /root/.ssh/someuser private key file to PC.

9. Restart SSH server service.
systemctl restart sshd
10. Convert the generated private key into PPK formats with PuTTY Key Generator. (In this scenario the private key use no passphrase)

11. Test SSH to the server with the PPK file.

12. Successfully logged in with Ed25519 SSH key.

Ade Destrianto
Just tryna git gud.

Leave a Reply

Your email address will not be published. Required fields are marked *