ssh-keygen

ssh-keygen is a Unix utility that is used to generate, manage, and convert authentication keys for SSH authentication. With the ssh-keygen tool, a user can create passphrase-protected keys for both SSH protocol version 1 and version 2. ssh-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2. These keys differ from keys used by GNU Privacy Guard.

ssh-keygen command syntax

The syntax of the ssh-keygen command is as follows:

ssh-keygen [options]

Some of the important options of the ssh-keygen command are as follows:

ssh-keygen command options  Description
-b bits                     Specifies the number of bits in the key to create. The minimum bit length is 768 bits and the default length is 2048 bits.
-C comment                  Provides a new comment.
-p                          Requests changing the passphrase of a private key file instead of creating a new private key.
-t                          Specifies the type of key to create.
-q                          Quiets ssh-keygen. It is used by the /etc/rc file while creating a new key.
-N                          Provides a new passphrase.
-F (or -B)                  For ssh-keygen2, dumps the key's fingerprint in Bubble Babble format.

Files used by the ssh-keygen utility

The ssh-keygen utility uses various files for storing public and private keys. The files used by the ssh-keygen utility are as follows:

  • $HOME/.ssh/identity: The $HOME/.ssh/identity file contains the RSA private key when using the SSH protocol version 1.
  • $HOME/.ssh/identity.pub: The $HOME/.ssh/identity.pub file contains the RSA public key for authentication when you are using the SSH protocol version 1. A user should copy its contents into the $HOME/.ssh/authorized_keys file of the remote system where the user wants to log in using RSA authentication.
  • $HOME/.ssh/id_dsa: The $HOME/.ssh/id_dsa file contains the protocol version 2 DSA authentication identity of the user.
  • $HOME/.ssh/id_dsa.pub: The $HOME/.ssh/id_dsa.pub file contains the DSA public key for authentication when you are using the SSH protocol version 2. A user should copy its contents into the $HOME/.ssh/authorized_keys file of the remote system where the user wants to log in using DSA authentication.
  • $HOME/.ssh/id_rsa: The $HOME/.ssh/id_rsa file contains the protocol version 2 RSA authentication identity of the user. This file should not be readable by anyone but the user.
  • $HOME/.ssh/id_rsa.pub: The $HOME/.ssh/id_rsa.pub file contains the protocol version 2 RSA public key for authentication. The contents of this file should be added to $HOME/.ssh/authorized_keys on all computers where a user wishes to log in using public key authentication.
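
The requirement above that a private key file not be readable by anyone but the user can be checked mechanically. The shell functions below are an added example, not part of the original article or of OpenSSH: the function names are hypothetical, the private key file names are the ones listed above, and the 700/600 modes applied by the fix are an assumed owner-only policy.

```sh
#!/bin/sh
# Added example: audit the private key files named in this article for
# permissions that let group or other users read or modify them.

# Private key file names as listed in the article (identity, id_dsa, id_rsa).
PRIVATE_KEYS="identity id_dsa id_rsa"

# Print the six group/other permission characters of a path, e.g. "r--r--".
# -L follows symlinks so the mode of the real key file is inspected.
group_other_bits() {
    ls -ldL "$1" | cut -c5-10
}

# audit_ssh_keys DIR
# Prints one "LOOSE" line per private key accessible to group or others.
# Returns 0 when every private key present is owner-only, 1 otherwise.
audit_ssh_keys() {
    dir=$1
    status=0
    for name in $PRIVATE_KEYS; do
        key="$dir/$name"
        [ -f "$key" ] || continue          # key type not in use: skip
        if [ "$(group_other_bits "$key")" != "------" ]; then
            echo "LOOSE $key ($(ls -ldL "$key" | cut -c1-10))"
            status=1
        fi
    done
    return "$status"
}

# fix_ssh_keys DIR
# Restricts the directory to mode 700 and each private key to mode 600.
# Public keys (*.pub) and authorized_keys are left unchanged.
fix_ssh_keys() {
    dir=$1
    chmod 700 "$dir"
    for name in $PRIVATE_KEYS; do
        if [ -f "$dir/$name" ]; then chmod 600 "$dir/$name"; fi
    done
    return 0
}

# When run with a directory argument, audit it; the exit status is the result.
if [ "$#" -eq 1 ]; then
    audit_ssh_keys "$1"
fi
```

Run it as `sh audit.sh "$HOME/.ssh"` (the script file name is arbitrary); a non-zero exit status means at least one private key needs `fix_ssh_keys` or a manual `chmod 600`.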
