SSH Decoded

SSH Decoded

What is an SSH key, and how does it work?

Have you ever wondered exactly how an SSH key works? What’s it for anyway? Look no further! Let’s get to the bottom of this, shall we?

Here is a breakdown of what an SSH key is and how it can make you feel as free as a baby cheetah running alone in the savanna.

SSH stands for Secure Shell. No, not secure hell. That’s something different. It’s a program that allows you or your app to log into another computer over a network, complete some commands on that computer and then come back your computer with those files.

Simple, right? It’s just like a little messenger that goes back and forth between your server and the remote server.

Public and Private

When an SSH key is generated, it is composed of two sections: public and private, which is exactly what it sounds like.

The public component of the key can be put up anywhere; in fact, it is important that other people know about it. The private component is how you prove to the remote server that you are authorized to perform an action on the remote server.

If it’s not obvious, the private section of the key should never leave your machine—especially if there’s any doubt that it could be compromised in any way. You may create a key with a passphrase on it which will need to be re-entered every time you use it.

The Exchange of Info

In order to exchange the info, your app will send a request to a remote server with a list of all the public keys it has access to. The server will find the public key to give permission back to the user. Therefore, you can think of a public key as a lock template that can only be unlocked by the corresponding private key.

The server will generate one of these locks, and send a request with the lock back to the client. The client, assuming it has the private key, will send it back up to the server. This tells the server that the client is allowed to perform actions on the server.

Using a (Secret) Agent

An agent is a program that runs on the client so the app doesn’t need to know how any of the process described above works. The secure communication between the server and the app is handled by the agent, rather than by the app itself.

A major benefit of this is that only the agent needs to know how to talk to the server. Your app has no time for this information or drama. It’s like your very mature friend who walks away when the gossip starts flying.

So…the app itself doesn’t have to know the encryption of the keys or even where the keys are! Your app can stay busy minding its own business. You add a key once to the agent, and any app can communicate with that agent on the client; it already has access to all those keys, and you don’t have to add them individually.

Rejoice! Now you know all about SSH. So save your drama for your mama…or your agent.

P.S. GitKraken is a Git GUI client that can generate an SSH key for you automatically. It can even add it to your GitHub account if you give it permission. Since GitKraken uses its own bundled copy of an SSH library, nothing needs to be configured outside of the app. Now that’s really something to rejoice about!

Stay on the cutting edge of software development by getting innovative tips, trends and stories delivered to your inbox every month!

Agile project management software
Plan, develop, review, and ship fast


The downright luxurious Git client
For Windows, Mac & Linux