20.3.4.2. Generating a DSA Key Pair for Version 2

Use the following steps to generate a DSA key pair for version 2 of the SSH Protocol.
  1. To generate a DSA key pair to work with version 2 of the protocol, type the following command at a shell prompt:
    ssh-keygen -t dsa
    Accept the default file location of ~/.ssh/id_dsa. Enter a passphrase different from your account password and confirm it by entering it again.

    Note

    A passphrase is a string of words and characters used to authenticate a user. Passphrases differ from passwords in that you can use spaces or tabs in the passphrase. Passphrases are generally longer than passwords because they are usually phrases instead of a single word.
    The public key is written to ~/.ssh/id_dsa.pub. The private key is written to ~/.ssh/id_dsa. It is important never to give anyone the private key.
  2. Change the permissions of the .ssh directory with the following command:
    chmod 755 ~/.ssh
  3. Copy the contents of ~/.ssh/id_dsa.pub into the file ~/.ssh/authorized_keys on the machine to which you want to connect. If the file ~/.ssh/authorized_keys exists, append the contents of the file ~/.ssh/id_dsa.pub to the file ~/.ssh/authorized_keys on the other machine.
  4. Change the permissions of the authorized_keys file using the following command:
    chmod 644 ~/.ssh/authorized_keys
  5. If you are running GNOME, skip to Section 20.3.4.4, “Configuring ssh-agent with GNOME”. If you are not running the X Window System, skip to Section 20.3.4.5, “Configuring ssh-agent”.
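
Steps 2 through 4 as a single function to run on the machine you want to connect to, added here as an example and not part of the original guide. The function name install_pubkey and its arguments are assumptions; it keeps the guide's 755 and 644 modes, skips keys that are already listed, and refuses a file that looks like a private key.

```shell
# Added example, not from the original guide.
# Usage (on the remote machine, after copying id_dsa.pub there):
#   install_pubkey /path/to/id_dsa.pub            # uses ~/.ssh
#   install_pubkey /path/to/id_dsa.pub /some/dir  # explicit directory (assumption, for testing)
install_pubkey() {
    pub=$1
    dir=${2:-"$HOME/.ssh"}
    auth=$dir/authorized_keys

    # The public key file must exist and be non-empty.
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 1; }

    # Guard against passing id_dsa instead of id_dsa.pub:
    # the private key must never be copied to another machine.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key; refusing" >&2
        return 1
    fi

    # Step 2: create the directory if needed and set the mode from the guide.
    mkdir -p "$dir" || return 1
    chmod 755 "$dir" || return 1

    # Step 3: append to an existing authorized_keys, or create it.
    touch "$auth" || return 1

    # If the existing file does not end in a newline, add one so the new
    # key starts on its own line instead of being glued to the last entry.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi

    # Append each key line only if that exact line is not already present,
    # so running the function twice does not duplicate the entry.
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        grep -qxF -- "$line" "$auth" || printf '%s\n' "$line" >> "$auth"
    done < "$pub"

    # Step 4: set the mode from the guide on authorized_keys.
    chmod 644 "$auth"
}
```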