Editing Ssh-keygen (command)
Jump to navigation
Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | + | <code>ssh-keygen</code><ref>http://man7.org/linux/man-pages/man1/ssh-keygen.1.html</ref> is an [[OpenSSH]] software command used to generate, manage, and convert [[authentication keys]]. It support at least four different key types [[RSA]], [[DSA]], [[ECDSA]] and [[ed25519]]. | |
− | <code>ssh-keygen</code><ref>http://man7.org/linux/man-pages/man1/ssh-keygen.1.html</ref> is an [[OpenSSH]] software command used to generate, manage, and convert [[authentication keys]]. It support at least four different | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | ==Commands== | ||
+ | * <code>ssh-keygen -l -f /etc/ssh/ssh_host_XXXXkey.pub</code> | ||
* <code>ssh-keygen -vF host</code> (-v flag added in OpenSSH 8.1<ref>https://www.openssh.com/txt/release-8.1</ref>) | * <code>ssh-keygen -vF host</code> (-v flag added in OpenSSH 8.1<ref>https://www.openssh.com/txt/release-8.1</ref>) | ||
− | + | * <code>ssh-keygen -t ed25519</code> (There is no need to set the key size, as all Ed25519 keys are 256 bits) other options: <code>[-t dsa | ecdsa | ed25519 | [[rsa]]]</code> | |
− | |||
− | * | ||
==Activities== | ==Activities== | ||
− | + | # Generate a public private key using ed25519 key format using the following command: <code>ssh-keygen -t ed25519</code> | |
− | + | # Solve" "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" warning: | |
− | + | ::<code>ssh-keygen -R SERVER_NAME</code> -R Removes all keys belonging to hostname from a known_hosts file | |
− | ::<code>ssh-keygen -R SERVER_NAME</code> -R Removes all keys belonging to hostname from a | ||
::<code>ssh -oStrictHostKeyChecking=no SERVER_NAME</code> Temporarily turning off host key checking | ::<code>ssh -oStrictHostKeyChecking=no SERVER_NAME</code> Temporarily turning off host key checking | ||
− | + | Both solutions have security implications. | |
− | + | # Understand different key types: dsa, ecdsa, ed25519 and [[rsa]] | |
− | + | == See also == | |
− | + | * [[Certification Authority]] | |
− | + | * [[OpenSSH/OpenSSH versions Release Notes]]/ Changelog | |
− | + | * [[Kerberos]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | == | ||
− | * | ||
− | * | ||
− | |||
− | * [[ | ||
* [[Cisco IOS/Configure public RSA key authentication]] | * [[Cisco IOS/Configure public RSA key authentication]] | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | [[Category: | + | [[Category:Server administration]] |
[[Category:Cryptography]] | [[Category:Cryptography]] | ||
− | |||
[[Category:Security]] | [[Category:Security]] |
Advertising: