Previous: Getting Started Next: Step 2 - Share your SSH public key with us
SSH authentication is widely regarded as the most secure and reliable method for accessing an SFTP server. It uses the Secure Shell (SSH) protocol to establish an encrypted connection, ensuring that data transferred between the client and server remains private and protected from interception. Unlike basic password authentication, SSH key-based authentication adds an extra layer of security by requiring a private key on the client side that matches a public key stored on the server. This eliminates the risk of brute-force attacks or stolen credentials, as the private key never gets transmitted. Additionally, SSH keys can be further secured with passphrases and are easier to automate safely in scripts and scheduled tasks, making them ideal for both human and system-level access. Overall, SSH authentication combines strong encryption, identity verification, and secure automation, making it the best practice for accessing SFTP servers. These steps will help you generate a new SSH key pair using your terminal on Linux, macOS, or Windows We will need only your public key (that is safe to share and helps us set up authentication). Your private key will also be created (and protected by the passkey) - keep it to yourself and never share it with anyone!

Step 1: Open your terminal

  • macOS: Open the Terminal app
  • Linux: Use your default terminal
  • Windows: Use PowerShell or Terminal

Step 2: Check for existing SSH keys

Run this command to see if you already have SSH keys: 
ls ~/.ssh
Look for files like:
  • id_rsa / id_rsa.pub
  • id_ed25519 / id_ed25519.pub
If you find them, proceed to Step 6: View your public key If not, continue reading ;)

Step 3: Generate a new SSH key pair

Use the ssh-key command to generate a new SSH key pair: 
ssh-keygen -C "your_email@example.com"
Adding your_email@example.com is just the argument for -C, which allows you to specify the comment attached to the generated key. The comment is simply text appended to the key in your public key file, and is typically used as a label for your key. The default comment is your username @ the hostname of the system you generate your key on, but it can be any string you wish.

Step 4: Choose the file location

You’ll be prompted: 
Enter file in  which to save the key (/home/youruser/.ssh/id_ed25519):`
  • Press Enter to accept the default - we recommend this option
  • Or enter a custom path if needed
⚠️ If the file exists, you’ll be asked to overwrite - only do this if you’re sure you want to do that!

Step 5: Set a Passphrase

You’ll see: 
Enter passphrase (empty for no passphrase):
  • Type a secure passphrase (you won’t see characters as you type)
  • Press Enter, then confirm
🔐 A passphrase protects your private key, you will need it to authenticate
At this point, you should have both your public and private keys created. Typically, your private key is the file without the extension (id_ed25519), while your public key has .pub as the file extension (id_ed25519.pub)

Step 6: View your public key

Whether you already had it or just created it, let’s quickly check if everything went well. Run: 
cat ~/.ssh/id_ed25519.pub
(in case you changed the key file name, make sure to point to the correct file in your command instead of id_ed25519.pub) You’ll see something like: 
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMF... your_email@example.com
You can use this key on servers, services like GitHub or any other place that supports SSH authentication. For our needs, you would need to share .pub file with us, so we import it on our SFTP server. To see how to do that, proceed to the next step.

Next: Step 2 - Share your SSH public key with us