A pattern for creating SSH keys for your projects

Create an SSH key (naming matters)

Naming scheme

Pattern

id_ed25519_<your-username>_<your-machine>_<project>

Why

• username → identifies the human
• machine → limits blast radius if a device is lost
• project → scopes access intentionally

Rule 👉 Replace every <…> placeholder with your own values. Do not copy examples literally.

Example (DO NOT COPY AS-IS)

id_ed25519_bob_bobmachine_payments

---

1. Generate the key (replace placeholders)

ssh-keygen -t ed25519 -a 100 \
  -f ~/.ssh/id_ed25519_<your-username>_<your-machine>_<project> \
  -C "<your-username>@<your-machine> | project=<project>"

Example (illustration only):

ssh-keygen -t ed25519 -a 100 \
  -f ~/.ssh/id_ed25519_alice_macbook_platform \
  -C "alice@macbook | project=platform"

Set a passphrase when prompted.

---

2. Load the key

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519_<your-username>_<your-machine>_<project>

---

3. Add SSH config entry

Edit ~/.ssh/config:

Host <alias>
  HostName <host-or-ip>
  User <remote-user>
  IdentityFile ~/.ssh/id_ed25519_<your-username>_<your-machine>_<project>
  IdentitiesOnly yes

Example (illustration only):

Host platform-box
  HostName 203.0.113.10
  User ubuntu
  IdentityFile ~/.ssh/id_ed25519_alice_macbook_platform
  IdentitiesOnly yes

---

4. Share the public key

cat ~/.ssh/id_ed25519_<your-username>_<your-machine>_<project>.pub

Send the output to the server admin.

---

5. Connect

ssh <alias>

---

One-line reminder for your teammates

If you see <something> in a command, you must replace it with your own value.