2016-01-04 10:31:03 -05:00
|
|
|
# ssh-keygen
|
|
|
|
|
|
2019-09-06 11:49:11 +02:00
|
|
|
> Generate ssh keys used for authentication, password-less logins, and other things.
|
2021-10-04 23:39:50 +11:00
|
|
|
> More information: <https://man.openbsd.org/ssh-keygen>.
|
2016-01-04 10:31:03 -05:00
|
|
|
|
2016-01-28 12:41:00 +01:00
|
|
|
- Generate a key interactively:
|
2016-01-04 10:31:03 -05:00
|
|
|
|
|
|
|
|
`ssh-keygen`
|
|
|
|
|
|
2016-03-01 16:06:19 -05:00
|
|
|
- Specify file in which to save the key:
|
|
|
|
|
|
2021-08-17 21:03:15 +03:00
|
|
|
`ssh-keygen -f {{~/.ssh/filename}}`
|
2016-03-01 16:06:19 -05:00
|
|
|
|
2018-01-25 11:36:37 -08:00
|
|
|
- Generate an ed25519 key with 100 key derivation function rounds:
|
|
|
|
|
|
2021-08-17 21:03:15 +03:00
|
|
|
`ssh-keygen -t {{ed25519}} -a {{100}}`
|
2018-01-25 11:36:37 -08:00
|
|
|
|
2021-08-15 19:59:09 +02:00
|
|
|
- Generate an RSA 4096-bit key with email as a comment:
|
2016-01-04 10:31:03 -05:00
|
|
|
|
2021-08-17 21:03:15 +03:00
|
|
|
`ssh-keygen -t {{dsa|ecdsa|ed25519|rsa}} -b {{4096}} -C "{{comment|email}}"`
|
2016-06-01 09:15:10 +00:00
|
|
|
|
2019-12-07 03:20:59 +00:00
|
|
|
- Remove the keys of a host from the known_hosts file (useful when a known host has a new key):
|
|
|
|
|
|
|
|
|
|
`ssh-keygen -R {{remote_host}}`
|
|
|
|
|
|
2016-07-26 15:16:42 +01:00
|
|
|
- Retrieve the fingerprint of a key in MD5 Hex:
|
|
|
|
|
|
2021-08-17 21:03:15 +03:00
|
|
|
`ssh-keygen -l -E {{md5}} -f {{~/.ssh/filename}}`
|
2016-07-26 15:16:42 +01:00
|
|
|
|
2016-06-01 09:15:10 +00:00
|
|
|
- Change the password of a key:
|
|
|
|
|
|
2021-08-17 21:03:15 +03:00
|
|
|
`ssh-keygen -p -f {{~/.ssh/filename}}`
|
|
|
|
|
|
|
|
|
|
- Change the type of the key format (for example from OPENSSH format to PEM), the file will be rewritten in-place:
|
|
|
|
|
|
|
|
|
|
`ssh-keygen -p -N "" -m {{PEM}} -f {{~/.ssh/OpenSSH_private_key}}`
|
