I’m sorry for asking, but are you very new to Linux? It seems like you got it sorted out, but when you see something along the lines of </path/to/somewhere>, you should omit the <>. Basically, in your case, the command you are supposed to execute is sudo ssh-keygen -t ed25519 -b 4096 -C “root@ip_address” -f ~/.ssh.
My bad, I should’ve elaborated on the procedure. But I am glad you found out
After the second command, you will be presented with a list.
At the first prompt, you press ‘9’ (which is ECC and ECC).
At the second prompt, press ‘1’ (Curve 25519).
You will see a third prompt, which is a warning, but nothing to worry about. Press ‘y’ and hit enter.
It will ask for the expiration of the key. This is up to you, my personal key never expires, so I chose ‘0’ (never expires). Another prompt right after this asks you to confirm your choice, so press ‘y’.
It will ask for your real name, an email address and a comment. IMPORTANT: if you are using it for… “questionable” purposes, it goes without saying that you should not enter your real name and email address (or any identifiable information).
A couple of options will be presented to you again (e.g. if you want to change anything). Press ‘o’ if everything looks good to go to the next step.
It will ask you to do something to generate enough entropy (“randomness”), like moving the mouse etc.
A pop-up window will show up and ask you to enter a passphrase for the key. Enter your desired passphrase.
The terminal will present you various information of the key you generated.
There should be a line that goes pub ed25519/RANDOM_NUMBER. Copy RANDOM_NUMBER (not the rest) before proceeding to the next step.
Done with the first part! Now, on to the next: subkeys.
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ED25519 key sent by the remote host is
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /var/home/username/.ssh/known_hosts to get rid of this message.
ERROR: Offending ED25519 key in /var/home/username/.ssh/known_hosts:1
ERROR: Host key for has changed and you have requested strict checking.
ERROR: Host key verification failed.
$ cat ~/.ssh/id_ed25519.pub
ssh-ed25519 <REALLY LONG STRING OF RANDOM CHARACTERS> user@host
Open up a terminal and enter ssh-keygen -R hostname (this will remove the entry from the known_hosts file).
SSH into the host (ssh IP_ADDRESS). It will prompt you if you want to continue connecting - enter ‘yes’.
Once you’ve managed to enter, press Ctrl+D to disconnect from the host.
Now, to add the key to the target, you enter ssh-copy-id -i $HOME/.ssh/YOUR_KEY_NAME.pub IP_ADDRESS.
It will ask you for the password. Enter it.
Disconnect by pressing Ctrl+D again.
[OPTIONAL STEPS BELOW]
Check if the ssh-agent is running in the background by using eval $(ssh-agent). You should get an output like Agent pid NUMBER
If the agent is running in the background (which it most likely is) you can use ssh-add to cache the passphrase to connect to the remote; it will ask you for the passphrase once, after which, you can just type ssh IP_ADDRESS and it will launch you directly into the remote without asking for a password. This is not persistent, though: it will only last as long as you have the terminal window open.
As for creating an SSH-key, the steps are as follows:
Open a terminal and enter ssh-keygen -t ed25519 -C "COMMENT TO IDENTIFY KEY" (COMMENT TO IDENTIFY KEY should obviously be substituted with something you enter but the " " should be left there).
It will ask you in which file to enter the key. NOTE: you can press enter and it will store the key in the path between the parentheses, with that filename. If you already have a key with the same name in that directory, it will overwrite the key unless you enter the whole path! E.g. /home/YOURUSER/.ssh/YOUR_PREFERRED_FILENAME.
It will ask you to enter a custom password.
You can verify if the key was successfully created, or check which keys you have, by using the command ls -la $HOME/.ssh. It will appear as YOUR_KEY_NAME and YOUR_KEY_NAME.pub.