search

πŸ•ΆοΈSSH KeyGen and Agent

Pretty okay cryptographic utilities for SSH session and key generation.

hashtag
TL;DR

The commands covered in this chapter are listed below.

# generate public/private ed25519 key pair
ssh-keygen -t ed25519 -C "your-email@permitzip.com"

hashtag
Overview

triangle-exclamation

The manpage for ssh-keygen describes ssh 1 generally as legacy, suffering from cryptographic weaknesses, and lacking support for the new features in protocol 2.

ssh-keygen generates, manages, and converts authentication keys for ssh 1 and ssh 2. Creating a key is pretty simple. The following command guides you through naming and password-protecting the files:

# generate public/private ed25519 key pair
ssh-keygen -t ed25519 -C "your-email@permitzip.com"
circle-info

ASCII Art Visual Host Key is another human-readable option for identifying keys. They look like this:

+--[ED25519 256]--+
|           .o@=. |
|            =EOo |
|           .o+  o|
|         .  o+  .|
|        S  o..o .|
|       .   .*.o+ |
|        .  +o*o+.|
|         o oBo=o.|
|        . o+=*+oo|
+----[SHA256]-----+

ssh-keygen will generate this for you from a key, much like generating a fingerprint:

ssh-keygen allows you to create a fingerprint from both the private and public keys.

circle-check

ssh-keygen allows you to create a fingerprint from both the private** and **public keys.

hashtag
Prove Two Two Key Files Are a Cryptographic Key Pair

The execution below shows how a private key and public key lead to the same fingerprint. This can be used to prove two files belong to the same key pair.

More on SSH configs, checking signatures, etc. herearrow-up-right.

*technically, a fingerprint is derived from a public key

PreviousCryptographic ToolsNextGNU Privacy Guard (gpg)

Last updated