Generating SSH Key pairs

Instructions for creating a pair of SSH keys.

There are several utilities for generating SSH key pairs, including:

  • Mac OS X and Linux — Use the ssh-keygen command-line utility.

  • Windows — Use PuTTYgen.

These instructions describe how to create the keys with ssh-keygen.

Note: For an in-depth discussion of SSH and key pairs, see SSH. For a complete description of generating keys, see How to use ssh-keygen to generate a new SSH key.

Restriction: Experience Cloud requires a comment in the key, even though the standard says the Comment field is optional. Medallia recommends using your email address as the comment so that the key identifies who generated it.

Key pairs should use the RSA algorithm with a 4096-bit key length. By default, the keys are named id_rsa and id_rsa.pub. You can replace "id_rsa" with a filename that is more descriptive of the application.

The following example (run in a terminal window on a Mac) generates a key with these properties:

  • Stored in a file named ~/.ssh/orion-key, using the recommended options.

  • Using the RSA algorithm.

  • Bit length 4096, which Medallia recommends. If the client requires a shorter length, such as RSA 2048, change the number to match, like this: -b 2048.

  • In the PEM key format. Some versions of ssh-keygen require a -i before the -m, like this: -i -m PEM. Try that option if the example fails.

  • With a comment (-C) that includes your email address. Anyone looking at the generated key will see the comment and know who to contact when there are questions about the key.

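The utility prompts you to enter a passphrase. Optionally, you can include -N 'passphrase' on the command line to avoid the prompt; a passphrase supplied this way can be saved in your shell history and is visible in the process list while the command runs.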

ssh-keygen -f ~/.ssh/orion-key -t rsa -b 4096 -m PEM -C "your_email@example.com"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]

Tip: Replace the example email address in the command above with your own. We recommend using the client distribution email address provided by Medallia for export specification.

You can now send the public key (*.pub) to the server admin. The keys are text files. Experience Cloud configurations usually need the contents of the files, not the files themselves.
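The following check can be run on the contents of the .pub file before it is sent, to confirm that the key is RSA, has the recommended 4096-bit length and carries the comment that Experience Cloud requires. It is an added example, not Medallia's code; the function names and the constructed sample key lines are assumptions made for illustration.

```python
import base64
import struct

def read_string(blob, offset):
    """Read one SSH wire-format string: 4-byte big-endian length, then the bytes."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def check_public_key(line, min_bits=4096):
    """Return the problems found in one OpenSSH public key line ([] means OK)."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        return ["not an OpenSSH public key line"]
    problems = []
    if len(fields) < 3:  # the comment is the optional third field
        problems.append("missing comment")
    if fields[0] != "ssh-rsa":
        return problems + ["key type is %s, expected ssh-rsa" % fields[0]]
    try:
        blob = base64.b64decode(fields[1], validate=True)
        inner_type, offset = read_string(blob, 0)
        _exponent, offset = read_string(blob, offset)
        modulus, offset = read_string(blob, offset)
    except ValueError:  # also covers binascii.Error from bad base64
        return problems + ["key blob is not valid ssh-rsa data"]
    if inner_type != b"ssh-rsa":
        problems.append("key blob does not match the ssh-rsa prefix")
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < min_bits:
        problems.append("RSA modulus is %d bits, expected at least %d" % (bits, min_bits))
    return problems

def constructed_line(bits, comment):
    """Constructed sample: a well-formed ssh-rsa line with a made-up modulus (not a usable key)."""
    def mpint(value):  # sized so the top bit is clear, as SSH requires for positive integers
        raw = value.to_bytes(value.bit_length() // 8 + 1, "big")
        return struct.pack(">I", len(raw)) + raw
    name = b"ssh-rsa"
    blob = struct.pack(">I", len(name)) + name + mpint(65537) + mpint((1 << (bits - 1)) | 1)
    return ("ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)).strip()

if __name__ == "__main__":
    for sample in (constructed_line(4096, "your_email@example.com"), constructed_line(2048, "")):
        print(check_public_key(sample))
```

To check a real key, pass the single line from ~/.ssh/orion-key.pub to check_public_key; use min_bits=2048 when the client requires the shorter length.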

Tip: To copy the contents of the public key to your Mac clipboard (to be pasted into an email message), use pbcopy. To copy the public key:
pbcopy < ~/.ssh/orion-key.pub
To copy the contents of the private key:
pbcopy < ~/.ssh/orion-key

Note that when you press Enter after each pbcopy command, the corresponding key (public or private) is automatically copied to the clipboard. Store each value for later use during import and export specification setup.