Here's the key generation section from the Wikipedia article.  It's
   hard to move my body toward this.
   ===Key generation===
   The keys for the RSA algorithm are generated in the following way:
   # Choose two distinct [[prime number]]s ''p'' and ''q''.
   #* For security purposes, the integers ''p'' and ''q'' should be chosen
   at random, and should be similar in magnitude but differ in length by a
   few digits to make factoring harder.<ref name="rsa"/> Prime integers
   can be efficiently found using a [[primality test]].
   #* ''p'' and ''q'' are kept secret.
   # Compute {{nowrap|1=''n'' = ''pq''}}.
   #* ''n'' is used as the [[Modular arithmetic|modulus]] for both the
   public and private keys. Its length, usually expressed in bits, is the
   [[key length]].
   #* ''n'' is released as part of the public key.
   # Compute ''λ''(''n''), where ''λ'' is [[Carmichael's totient
   function]]. Since ''n'' = ''pq'', ''λ''(''n'') = [[least common
   multiple|lcm]](''λ''(''p''),''λ''(''q'')), and since ''p'' and ''q''
   are prime, ''λ''(''p'') = ''[[Euler totient function|φ]]''(''p'') =
   ''p'' − 1 and likewise ''λ''(''q'') = ''q'' − 1. Hence ''λ''(''n'') =
   lcm(''p'' − 1, ''q'' − 1).
   #* ''λ''(''n'') is kept secret.
   #* The lcm may be calculated through the [[Euclidean algorithm]], since
   lcm(''a'',''b'') = ''|ab|''/gcd(''a'',''b'').
   # Choose an integer ''e'' such that {{nowrap|1 < ''e'' < ''λ''(''n'')}}
   and {{nowrap|1=[[greatest common divisor|gcd]](''e'', ''λ''(''n'')) =
   1}}; that is, ''e'' and ''λ''(''n'') are [[coprime]].
   #* ''e'' having a short [[bit-length]] and small [[Hamming weight]]
   results in more efficient encryption {{snd}} the most commonly chosen
   value for ''e'' is {{nowrap|1=2<sup>16</sup> + 1 = 65,537}}. The
   smallest (and fastest) possible value for ''e'' is 3, but such a small
   value for ''e'' has been shown to be less secure in some settings.<ref
   name="Boneh99">
   {{cite journal
    | url =
   [1]http://crypto.stanford.edu/~dabo/abstracts/RSAattack-survey.html
    | last = Boneh | first = Dan
    | title = Twenty Years of attacks on the RSA Cryptosystem
    | journal = [[Notices of the American Mathematical Society]]
    | volume = 46 | issue = 2
    | pages = 203–213 | year = 1999
   }}</ref>
   #*''e'' is released as part of the public key.
   # Determine ''d'' as {{nowrap|''d'' ≡ ''e''<sup>−1</sup> (mod
   ''λ''(''n''))}}; that is, ''d'' is the [[modular multiplicative
   inverse]] of ''e'' modulo ''λ''(''n'').
   #* This means: solve for ''d'' the equation {{nowrap|''d''⋅''e'' ≡ 1
   (mod ''λ''(''n''))}}; ''d'' can be computed efficiently by using the
   [[Extended Euclidean algorithm]], since, thanks to ''e'' and
   ''λ''(''n'') being coprime, said equation is a form of [[Bézout's
   identity]], where ''d'' is one of the coefficients.
   #* ''d'' is kept secret as the ''private key exponent''.
   The ''public key'' consists of the modulus ''n'' and the public (or
   encryption) exponent ''e''. The ''private key'' consists of the private
   (or decryption) exponent ''d'', which must be kept secret. ''p'',
   ''q'', and ''λ''(''n'') must also be kept secret because they can be
   used to calculate ''d''. In fact, they can all be discarded after ''d''
   has been computed.<ref>Applied Cryptography, John Wiley & Sons, New
   York, 1996. [[Bruce Schneier]], p. 467</ref>

References

   1. http://crypto.stanford.edu/~dabo/abstracts/RSAattack-survey.html