How to Use a Private Key to Login via SSH: Step-by-Step Guide 2025
by Chelsea Bruhl on Sep 26, 2025

How to Use a Private Key to Login SSH
This 2025 step-by-step guide shows how to generate SSH keys, configure your server for key-based authentication, and log in securely.
What you need to login via SSH using a private key
- An SSH client (OpenSSH on Linux/macOS, PuTTY on Windows).
- A text editor.
- Terminal or shell access with appropriate privileges.
- Access to both local and remote servers.
- Your private key (or the ability to generate one).
Preparing your server
Create a secure SSH directory and set correct permissions:
mkdir -p ~/.ssh
chmod 700 ~/.ssh
Store keys in that directory. Each user who needs key-based access must repeat these steps for their account.
For Linux or any OS that supports OpenSSH
Step 1 — Generate a key pair
ssh-keygen -t rsa
Press Enter to accept defaults (id_rsa / id_rsa.pub) or supply custom path/filename. Adding a passphrase is optional but recommended for extra security.
Step 2 — Ensure private key permissions are strict
chmod 600 ~/.ssh/id_rsa
Step 3 — Copy your public key to the server
ssh-copy-id USER@IP
- Replace
USER
with the remote username andIP
with the server address.
Step 4 — SSH using the key
ssh USER@IP
If you used a non-default key path, specify it with -i
:
ssh -i /path/to/private/key USER@IP
Optional — Use ssh-agent to avoid repeated passphrase prompts
ssh-agent $BASH
ssh-add ~/.ssh/id_rsa
Enter the passphrase when prompted; the agent caches the unlocked key for the session.
Using PuTTY (Windows)
Install PuTTY and PuTTYgen from the official PuTTY download page. In PuTTYgen:
- Select SSH-2 RSA and click Generate; move the mouse to create entropy.
- Save the private key as a
.ppk
file and copy the public key text. - On the server, paste the public key into
~/.ssh/authorized_keys
(single line).
Connect with PuTTY
- Under Session, enter Host Name or IP.
- Go to Connection → SSH → Auth and browse to your
.ppk
private key. - Open the session to connect using key-based authentication.
Using a private key on a remote VM (example)
- Copy the private key file to the VM (securely).
- Confirm the file exists with
ls
. - Set strict permissions:
chmod 600 filename
. - SSH using:
ssh -i filename root@10.30.15.176
Turn off password authentication (after testing keys)
Edit the SSH config:
sudo nano /etc/ssh/sshd_config
Ensure these settings:
PasswordAuthentication no
PubkeyAuthentication yes
Then restart SSH:
sudo systemctl restart sshd
Be cautious: only disable password auth after confirming key-based logins work for all needed accounts.
Why use public-key authentication?
- Stronger than typical passwords; RSA keys are much harder to brute-force.
- The private key never leaves the client machine; only the public key is shared.
- Optional passphrase adds another protection layer.
Conclusion
Keep private keys secure and consider using unique keys per client for better compromise isolation. If you lock yourself out, use console access or a recovery method provided by your host.