Generating a Secure Deployment Key

Having a secure SSH key is super important. A few things about that will make this key secure:

  1. The ED25519 encryption algorithm
  2. A password protected key (if you password protect your key, you may need to go through additional steps to configure your SSH agent)

If you want to nerd out on why we use this algorithm, you can read this guide.

Generating a new key

Run this on your local machine:

Generate a deployment key on your Desktop

ssh-keygen -o -a 100 -t ed25519 -f ~/Desktop/id_ed25519_deploy -C deploy

Change deploy to whatever you'd like.

What to do with this key

Store this key in a secure place. You may need the private key contents during CI/CD and you'll need to set the public key value in your .spin.yml when you configure your deploy user for your server.