Generating and using new SSH keys

If you ever find yourself wanting to switch out your current set of public/private SSH keys for a new pair, this guide will run you through the process, step by step.

To preface, this process could easily lock you out of servers if you aren't careful, so it's best to ensure you have direct access to the machines, should something go wrong.

Step One

Generate a new key by running:

ssh-keygen -f ~/.ssh/new-key

This will generate a new private key (~/.ssh/new-key) and the matching public key (~/.ssh/new-key.pub) for you.

Step Two

You will now want to remove your old key from any remote servers that may contain it. To do so, access the remote server and edit the ~/.ssh/authorized_keys file, then remove the line holding your old key. If you are using Vim, simply press dd with the cursor on that line to delete it.

Now paste your newly generated new-key.pub contents into the authorized_keys file on the remote host.

Step Three

We will now back up our old keys and rename the new keys to id_rsa and id_rsa.pub so that ssh finds them automatically when running the ssh command. To do so, we'll run the following commands:

cd ~/.ssh
cp id_rsa id_rsa_old
cp id_rsa.pub id_rsa_old.pub
cp new-key id_rsa
cp new-key.pub id_rsa.pub

This copies each of your old keys to a name ending in "_old" and copies the new keys over id_rsa and id_rsa.pub. Because cp is used, the original new-key and new-key.pub files also stay in place.
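
As an added example (not part of the original guide), the Step Two edit can be scripted on the remote host so that the new key is added and the old one removed in a single file replacement, with a backup kept. rotate_authorized_key and demo_rotation are hypothetical helper names, and the key blobs in the demo are constructed placeholders, not real keys.

```shell
#!/bin/sh
# Added example: rotate one key inside an authorized_keys file.
# rotate_authorized_key is a hypothetical helper, not an OpenSSH command.

# usage: rotate_authorized_key AUTHORIZED_KEYS OLD.pub NEW.pub
rotate_authorized_key() {
    file=$1; old_pub=$2; new_pub=$3
    # Field 2 of a .pub file is the base64 key blob. Matching on the blob
    # still finds the key if the comment or leading options differ.
    old_blob=$(awk 'NR==1 {print $2}' "$old_pub") || return 1
    new_blob=$(awk 'NR==1 {print $2}' "$new_pub") || return 1
    if [ -z "$old_blob" ] || [ -z "$new_blob" ]; then
        echo "could not read key blob" >&2; return 1
    fi

    cp -p "$file" "$file.bak" || return 1        # rollback copy
    tmp=$(mktemp "$file.XXXXXX") || return 1     # same directory, so mv is atomic

    # Keep every line except those carrying the old blob as a whole field.
    awk -v old="$old_blob" \
        '{ for (i = 1; i <= NF; i++) if ($i == old) next; print }' \
        "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Append the new key unless it is already listed.
    grep -qF -- "$new_blob" "$tmp" || cat "$new_pub" >> "$tmp"
    # Never install a file that would leave us without the new key.
    grep -qF -- "$new_blob" "$tmp" || { rm -f "$tmp"; return 1; }

    chmod 600 "$tmp" && mv "$tmp" "$file"
}

# Constructed sample data: the key blobs below are placeholders, not real keys.
demo_rotation() {
    dir=$(mktemp -d) || return 1
    echo 'ssh-rsa AAAAB3OLDKEYCONSTRUCTED me@laptop' > "$dir/id_rsa_old.pub"
    echo 'ssh-rsa AAAAB3NEWKEYCONSTRUCTED me@laptop' > "$dir/new-key.pub"
    cat > "$dir/authorized_keys" <<'EOF'
ssh-ed25519 AAAAC3COWORKERCONSTRUCTED coworker@desk
from="192.0.2.10" ssh-rsa AAAAB3OLDKEYCONSTRUCTED old-comment
EOF
    rotate_authorized_key "$dir/authorized_keys" \
        "$dir/id_rsa_old.pub" "$dir/new-key.pub" || return 1
    echo "$dir/authorized_keys"   # path of the rotated file
}
```

Keep your existing session open and confirm a login with the new key from a second terminal before closing it; authorized_keys.bak restores the previous state if the login fails.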

Conclusion

You should now be able to ssh to your remote server using your new ssh keys. Should you ever need to use your old keys, simply use ssh -i ~/.ssh/id_rsa_old.

That's all there is to it! You'll now have everything set up to use