2016-01-04 15:31:03 +00:00
|
|
|
# ssh-keygen
|
|
|
|
|
2019-09-06 10:49:11 +01:00
|
|
|
> Generate ssh keys used for authentication, password-less logins, and other things.
|
2021-10-04 13:39:50 +01:00
|
|
|
> More information: <https://man.openbsd.org/ssh-keygen>.
|
2016-01-04 15:31:03 +00:00
|
|
|
|
2016-01-28 11:41:00 +00:00
|
|
|
- Generate a key interactively:
|
2016-01-04 15:31:03 +00:00
|
|
|
|
|
|
|
`ssh-keygen`
|
|
|
|
|
2023-05-18 04:38:04 +01:00
|
|
|
- Generate an ed25519 key with 100 key derivation function rounds and save the key to a specific file:
|
2016-03-01 21:06:19 +00:00
|
|
|
|
2023-05-18 04:38:04 +01:00
|
|
|
`ssh-keygen -t {{ed25519}} -a {{100}} -f {{~/.ssh/filename}}`
|
2018-01-25 19:36:37 +00:00
|
|
|
|
2021-08-15 18:59:09 +01:00
|
|
|
- Generate an RSA 4096-bit key with email as a comment:
|
2016-01-04 15:31:03 +00:00
|
|
|
|
2021-08-17 19:03:15 +01:00
|
|
|
`ssh-keygen -t {{dsa|ecdsa|ed25519|rsa}} -b {{4096}} -C "{{comment|email}}"`
|
2016-06-01 10:15:10 +01:00
|
|
|
|
2019-12-07 03:20:59 +00:00
|
|
|
- Remove the keys of a host from the known_hosts file (useful when a known host has a new key):
|
|
|
|
|
|
|
|
`ssh-keygen -R {{remote_host}}`
|
|
|
|
|
2016-07-26 15:16:42 +01:00
|
|
|
- Retrieve the fingerprint of a key in MD5 Hex:
|
|
|
|
|
2021-08-17 19:03:15 +01:00
|
|
|
`ssh-keygen -l -E {{md5}} -f {{~/.ssh/filename}}`
|
2016-07-26 15:16:42 +01:00
|
|
|
|
2016-06-01 10:15:10 +01:00
|
|
|
- Change the password of a key:
|
|
|
|
|
2021-08-17 19:03:15 +01:00
|
|
|
`ssh-keygen -p -f {{~/.ssh/filename}}`
|
|
|
|
|
|
|
|
- Change the type of the key format (for example from OPENSSH format to PEM), the file will be rewritten in-place:
|
|
|
|
|
|
|
|
`ssh-keygen -p -N "" -m {{PEM}} -f {{~/.ssh/OpenSSH_private_key}}`
|
2023-05-18 04:38:04 +01:00
|
|
|
|
|
|
|
- Retrieve public key from secret key:
|
|
|
|
|
|
|
|
`ssh-keygen -y -f {{~/.ssh/OpenSSH_private_key}}`
|