Generating and using new SSH keys
If you ever find yourself in a situation where you're wanting to switch out your current sent of public/private SSH keys for a new pair, this guide will run you through the process, step by step.
To preface, this process could easily lock you out of servers if you aren't careful, so it's best to ensure you have direct access to the machines, should something go wrong.
Generate a new key by running:
ssh-keygen -f ~/.ssh/new-key
This will generate a new public and private key for you
You will now want to remove your old key from any remote servers that may contain them. To do so, access the remote server and edit the
~/.ssh/authorized_keys file. You will want to remove your key from within the file. Simply press
dd if using VIM to remove the line
Now paste your newly generated
new-key.pub contents into the
authorized_keys file on the remote host.
We will now back up our old keys and rename the new keys to
id_rsa.pub so that ssh finds it automatically when running the
ssh command. To so, we'll run the following commands:
cd ~/.ssh cp id_rsa id_rsa_old cp id_rsa.pub id_rsa_old.pub cp new-key id_rsa cp new-key.pub id_rsa.pub
What this does is appends "old" to the end of each of your old keys, along with renaming the new keys to
You should now be able to ssh to your remote server using your new ssh keys. Should you ever need to use your old keys, simply use
ssh -i ~/.ssh/id_rsa_old.
That's all there is to it! You'll now have everything set up to use