How do I add SSH Keys to authorized_keys file?

You should never save the file with its contents starting with -----BEGIN RSA PRIVATE KEY----- on the server, that is your private key. Instead, you must put the public key into the ~/.ssh/authorized_keys file.

This public key has the .pub extension when generated using ssh-keygen and its contents begin with ssh-rsa AAAAB3. (The binary format is described in the answers to this question).

The permissions of ~/.ssh on the server should be 700. The file ~/.ssh/authorized_keys (on the server) is supposed to have a mode of 600. The permissions of the (private) key on the client-side should be 600.

If the private key was not protected with a password, and you put it on the server, I recommend you to generate a new one:

ssh-keygen -t rsa

You can skip this if you're fully sure that nobody can recover the deleted private key from the server.

If this does not help, run ssh with options for more verbosity:

ssh -vvv [email protected]

On the server side, you can review /var/log/auth.log for details.


An alternative way to install your public key in the remote machine's authorized_keys:

cat ~/.ssh/id_rsa.pub | ssh USER@HOST "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

Some advantages:

  • does not require ssh-copy-id to be installed.

  • guarantees that mkdir works before attempting to append id_rsa.pub to authorized_keys.


If you have login based authentication then use ssh-copy-id to append your public keys to remote server.

ssh-copy-id user@host