SSH Key Setup

Guide for Ubuntu/WSL2

Step 1: Create the .ssh Directory

Run this command to create the SSH directory with secure permissions:

mkdir -p ~/.ssh && chmod 700 ~/.ssh

What this does:

  • mkdir -p ~/.ssh – Creates the .ssh directory in your home folder. The -p flag ensures it won’t error if the directory already exists
  • chmod 700 ~/.ssh – Sets permissions so only you (the owner) can read, write, or access this directory. This is required for SSH security
  • && – Runs the second command only if the first succeeds

Step 2: Generate SSH Keys

Run this command to generate an Ed25519 SSH key pair:

ssh-keygen -t ed25519 -C "wsl2_ubuntu" -f ~/.ssh/id_ed25519 -N ""

What this does:

  • ssh-keygen – The command that generates SSH key pairs
  • -t ed25519 – Specifies the key type (Ed25519 is a modern, secure, and efficient signature algorithm)
  • -C "wsl2_ubuntu" – Adds a comment to identify the key (replace with your own identifier)
  • -f ~/.ssh/id_ed25519 – Specifies where to save the keys (creates both private and public key files)
  • -N "" – Sets an empty passphrase, so no password is required when using the key and the private key file is stored unencrypted on disk

Result: This creates two files:

  • ~/.ssh/id_ed25519 – Your private key (never share this)
  • ~/.ssh/id_ed25519.pub – Your public key (safe to share with services like GitHub)

Step 3: View Your Public Key

To display your public key for copying:

cat ~/.ssh/id_ed25519.pub

Copy this output and add it to services like GitHub, GitLab, or your server’s authorized_keys file.

Step 4: SSH Configuration File Setup

Create SSH Config File

Create the config file (this command overwrites any existing ~/.ssh/config):

cat > ~/.ssh/config << 'EOF'
# Server1 example
Host srv1 serv1 server1
    HostName 192.168.1.110
    User user1

# Server2 example
Host srv2 serv2 server2
    HostName 192.168.1.120
    User user2

# Rule for all hosts
Host *
    IdentityFile ~/.ssh/id_ed25519
    SetEnv TERM=xterm-256color
    AddKeysToAgent yes
EOF

Then set proper permissions:

chmod 600 ~/.ssh/config

What This Does

Configuration breakdown:

  • Host * – Applies to all SSH connections (wildcard matches everything)
  • IdentityFile ~/.ssh/id_ed25519 – Uses your Ed25519 key as the default identity
  • AddKeysToAgent yes – Automatically adds the key to ssh-agent if running (convenient for repeated connections)

Permission (600):

  • Owner can read and write
  • No one else can access it
  • Required by SSH for security

Verify It Works

Test with any SSH connection:

ssh -T git@github.com

Or check which key will be used:

ssh -G github.com | grep identityfile

This setup makes your Ed25519 key the default for all SSH connections, so you do not need to specify the -i flag each time.

Security Notes

  • Never share your private key (id_ed25519)
  • The .ssh directory must have 700 permissions or SSH will refuse to use your keys
  • Consider using a passphrase (remove -N "") for additional security on shared systems
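
A way to check the result of the steps above, added here as an example rather than taken from the original guide: the functions compare the modes of the .ssh directory, the config file and the private keys with the 700/600 values used in this guide, and flag keys that have no passphrase. The function names are hypothetical, GNU stat (as on Ubuntu/WSL2) is assumed, and only keys named id_* are examined.

```bash
# Added example: audit an SSH directory against the modes this guide sets.
# Function names are hypothetical; assumes GNU stat (Ubuntu/WSL2).

# check_mode PATH EXPECTED
# Returns 0 if PATH's octal mode equals EXPECTED, 1 if it differs, 2 if PATH is missing.
check_mode() {
    local path=$1 want=$2 got
    got=$(stat -c '%a' "$path" 2>/dev/null) || { echo "MISSING $path"; return 2; }
    if [ "$got" = "$want" ]; then
        echo "OK      $path ($got)"
    else
        echo "BAD     $path is $got, expected $want"
        return 1
    fi
}

# key_is_unencrypted KEYFILE
# Returns 0 only if ssh-keygen can read the private key with an empty
# passphrase, i.e. the key was created with -N "".
key_is_unencrypted() {
    ssh-keygen -y -P "" -f "$1" </dev/null >/dev/null 2>&1
}

# audit_ssh_dir [DIR]
# Prints one line per finding; the return status is the number of mode problems.
audit_ssh_dir() {
    local dir=${1:-$HOME/.ssh} problems=0 f
    check_mode "$dir" 700 || problems=$((problems + 1))
    if [ -e "$dir/config" ]; then
        check_mode "$dir/config" 600 || problems=$((problems + 1))
    fi
    for f in "$dir"/id_*; do
        [ -f "$f" ] || continue
        case $f in
            *.pub) continue ;;  # public keys are safe to share
        esac
        # 600 is the mode ssh-keygen gives a newly created private key.
        check_mode "$f" 600 || problems=$((problems + 1))
        if command -v ssh-keygen >/dev/null 2>&1 && key_is_unencrypted "$f"; then
            echo "WARN    $f has no passphrase"
        fi
    done
    return "$problems"
}
```

After pasting the functions into a shell, run `audit_ssh_dir ~/.ssh`; a passphrase warning is informational and does not change the return status.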