Difference between revisions of "Ssh-keygen (command)"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Tags: Mobile web edit, Mobile edit
Line 4: Line 4:
 
Generate a keypar:
 
Generate a keypar:
 
* <code>ssh-keygen -t [[ed25519]]</code> (There is no need to set the key size, as all Ed25519 keys are 256 bits) other options: <code>[-t dsa | ecdsa | ed25519 | [[rsa]]]</code>
 
* <code>ssh-keygen -t [[ed25519]]</code> (There is no need to set the key size, as all Ed25519 keys are 256 bits) other options: <code>[-t dsa | ecdsa | ed25519 | [[rsa]]]</code>
:Two files will be generated, one your private key and a second file containing second key (<code>.pub</code> extension)
+
:::::Two files will be generated, one your private key and a second file containing second key (<code>.pub</code> extension)
  
* <code>ssh-keygen -t ed25519 -f your_new_ed25519_key</code>
+
* <code>ssh-keygen -t ed25519 -f your_new_ed25519_key</code>
  
 
  ssh-keygen -e -m [[PEM]] -f private_key_in_ed25519_format
 
  ssh-keygen -e -m [[PEM]] -f private_key_in_ed25519_format

Revision as of 17:08, 5 May 2020

ssh-keygen[1] is an OpenSSH software command used to generate, manage, and convert authentication keys. It support at least four different key types RSA, DSA, ECDSA and ed25519.

Commands

Generate a keypar:

  • ssh-keygen -t ed25519 (There is no need to set the key size, as all Ed25519 keys are 256 bits) other options: [-t dsa | ecdsa | ed25519 | rsa]
Two files will be generated, one your private key and a second file containing second key (.pub extension)
  • ssh-keygen -t ed25519 -f your_new_ed25519_key
ssh-keygen -e -m PEM -f private_key_in_ed25519_format
do_convert_to_pem: unsupported key type ED25519
  • ssh-keygen -l -f /etc/ssh/ssh_host_XXXXkey.pub
  • ssh-keygen -vF host (-v flag added in OpenSSH 8.1[2])

Activities

ssh-keygen -t ed25519
  • Solve" "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" warning:
ssh-keygen -R SERVER_NAME -R Removes all keys belonging to hostname from a known_hosts file
ssh -oStrictHostKeyChecking=no SERVER_NAME Temporarily turning off host key checking

Both solutions have security implications.

  • Understand different key types: dsa, ecdsa, ed25519 and rsa
  • Generate public key from private key:
ssh-keygen -y -f ~/.ssh/id_rsa > ~./.ssh/id_rsa.pub
  • Generate a key par with old PEM format using:
ssh-keygen -m PEM

Related commands

See also

  • http://man7.org/linux/man-pages/man1/ssh-keygen.1.html
  • https://www.openssh.com/txt/release-8.1
  • Advertising: