Public and Private Keys – What They Are Used For and How to Generate Them

A key pair — public and private — forms the foundation of asymmetric cryptography. It enables secure data encryption, digital signatures, and user authentication without relying on passwords.

What Are Cryptographic Keys Used For?

 

Public and private keys are used, among others, for:

  • encrypting and protecting confidential data,
  • signing files and e-mail messages,
  • secure login to servers and network devices (SSH, routers, switches) without the need to enter a password.


 

klucze kryptograficzne
klucze kryptograficzne1

How Does It Work?

The administrator or user generates a key pair.

  • The public key is placed on the server (for example, in the file ~/.ssh/authorized_keys).
  • The private key is kept strictly confidential — it must never be shared.

When logging in, the client (e.g., your computer) proves that it possesses the corresponding private key. The server verifies this using the public key. As a result, the authentication is secure and does not require any passwords.
 

How to Generate a Key Pair


There are multiple ways to generate cryptographic keys. Below are two of the most common methods:

1. OpenSSL (Linux, macOS, Windows)

In the terminal, enter the following commands:

openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:2048  
openssl rsa -pubout -in private.pem -out public.pem


This will generate a private key (private.pem) and its corresponding public key (public.pem).

 

2. PuTTYgen (Windows)

PuTTYgen is a simple utility for generating SSH keys.

Step-by-step guide:

  • Download and install PuTTY from https://www.putty.org
  • Launch PuTTYgen.
  • Choose the key type — preferably Ed25519 (it is more modern and secure than RSA).
  • Click Generate and move your mouse around to create randomness.
  • Save the private key (Save private key) and copy the public key.
  • Paste the public key on your server in the file ~/.ssh/authorized_keys.

From now on, you can log in to your server (e.g., VPS or router) without a password — simply specify your private key in the PuTTY client.

Summary

Public and private keys are the cornerstone of secure online communication.
They enable data encryption, user authentication, and password-less login.

This article explained how to generate a key pair using OpenSSL or PuTTYgen and how to use it for SSH authentication.
By implementing this method, your server connections will become not only more convenient but, above all, significantly more secure.

 

Author: Marek Czwartyński, Senior IT Support Specialist, Support and Service. SI-Consulting

SITIP