This tutorial will talk you through generating a new SSH key in JuiceSSH and adding it to a server, to allow key based authentication.


  1. Create a new identity (or edit an existing one):


  2. Press the set private key button. This will bring up a dialog allowing you to either import an existing private key, or generate a new one:


  3. Choose the desired key length (we recommend 2048 bit).

  4. We also recommend encrypting the key with a passphrase however this is optional.

  5. Click the OK button to generate your key. JuiceSSH uses SecureRandom (with Google's security patch applied) to provide entropy for key generation.



Once the key is generated you will need to configure your server(s) to allow this key.

If you are a JuiceSSH Pro user, you can take advantage of an auto-generated snippet to do this for you:

  1. Click the 'Generate Snippet' button on the identity create/edit page
  2. SSH into the desired server. As your private key is not configured yet on the server, JuiceSSH will prompt for password authentication instead
  3. Once SSH'd in, long-press the terminal to show the context menu, and select Snippets:


  4. Select the snippet named 'Add Key: <your identity name>'
  5. The snippet will add your public key to the ~/.ssh/authorized_keys file and set the correct permissions

     


If you are not a JuiceSSH Pro user, you can manually perform the following steps:


  1. Long-press the identity in the identity list and select the 'Export Public Key' item
  2. Save the public key to email/dropbox/whatever and transfer it to your server
  3. Run the following commands on the desired server to add it to your ~/.ssh/authorized_keys file:

    mkdir -p ~/.ssh
    chmod 700 ~/.ssh
    echo "<your public key>" >> ~/.ssh/authorized_keys
    chmod 600 ~/.ssh/authorized_keys 



You should now be able to use the key from JuiceSSH to authenticate with your server.

If you are still prompted for a password and key authentication is not working, please see this FAQ article for troubleshooting steps:

https://sonelli.com/faq/why-isnt-my-private-key-working-juicessh-still-prompts-for-password-authentication