Protecting your private ssh-keys
I've noticed that most people are content just generating a keypair via ssh-keygen and using it as it is, but it is extremely important that the private key itself is encrypted. (I am not talking about the passhphrase... I am taking about encryption here). This can be achieved this way
openssl genrsa -aes256 -out raal.pem 2048
This will generate an encrypted .pem file, protected with the password you entered. This pemfile contains both your public and private keys. To extract your public key you need to do this:
chmod 600 raal.pem
ssh-keygen -y -f raal.pem > raal.pub
