SSH KeyGen and Agent
Pretty okay cryptographic utilities for SSH session and key generation.
TL;DR
The commands covered in this chapter are listed below.
# generate public/private ed25519 key pair
ssh-keygen -t ed25519 -C "your-email@permitzip.com"
Overview
The manpage for ssh-keygen describes ssh 1 generally as legacy, suffering from cryptographic weaknesses, and lacking support for the new features in protocol 2.
ssh-keygen generates, manages, and converts authentication keys for ssh 1 and ssh 2. Creating a key is pretty simple. The following command guides you through naming and password-protecting the files:
# generate public/private ed25519 key pair
ssh-keygen -t ed25519 -C "your-email@permitzip.com"
ssh-keygen will generate a fingerprint and its ASCII-art (randomart) picture for you from a key:
# command:
ssh-keygen -lv -E sha256 -f $HOME/.ssh/your-file-name.pub
# output:
256 SHA256:6dvH2tSNL6vDYVSkDyWdTM8v6K+23WHSSkwLUTYLtZQ kshultz@permitzip.com (ED25519)
+--[ED25519 256]--+
| .o@=. |
| =EOo |
| .o+ o|
| . o+ .|
| S o..o .|
| . .*.o+ |
| . +o*o+.|
| o oBo=o.|
| . o+=*+oo|
+----[SHA256]-----+
ssh-keygen allows you to create a fingerprint from both the private and public keys.
Prove Two Key Files Are a Cryptographic Key Pair
The execution below shows how a private key and public key lead to the same fingerprint. This can be used to prove two files belong to the same key pair.
# 1. generate the public key from the private key,
# 2. pipe the result to generate the fingerprint from the public key.
ssh-keygen -y -f "$HOME/.ssh/github_pz" | ssh-keygen -l -f -
# 3. generate a fingerprint from the public key file
ssh-keygen -l -f "$HOME/.ssh/github_pz.pub"
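The comparison above wrapped in a reusable check, as an added example that is not part of the original page. The function names `fingerprint_of` and `same_keypair` are made up for illustration, and it assumes an OpenSSH version whose ssh-keygen reads a key from standard input with `-f -`.

```shell
#!/bin/sh
# Added example: decide whether a private key file and a public key file
# belong to the same key pair by comparing SHA256 fingerprints.
# Function names are hypothetical; key paths are supplied by the caller.

# Print only the "SHA256:..." field of a key's fingerprint line.
# $1 = key file, or "-" to read a public key from standard input.
fingerprint_of() {
    ssh-keygen -l -E sha256 -f "$1" 2>/dev/null | awk '{print $2}'
}

# $1 = private key file, $2 = public key file
# returns 0 = same key pair, 1 = different keys, 2 = a key could not be read
same_keypair() {
    # Derive the public key from the private key, then fingerprint it.
    # A passphrase-protected private key will prompt for its passphrase.
    _fp_priv=$(ssh-keygen -y -f "$1" | fingerprint_of -)
    # Fingerprint the public key file directly.
    _fp_pub=$(fingerprint_of "$2")

    # An empty result means ssh-keygen rejected the input (missing file,
    # wrong passphrase, permissions too open, or not a key at all).
    if [ -z "$_fp_priv" ] || [ -z "$_fp_pub" ]; then
        echo "same_keypair: could not read one of the keys" >&2
        return 2
    fi

    if [ "$_fp_priv" = "$_fp_pub" ]; then
        echo "match: $_fp_pub"
        return 0
    fi
    echo "MISMATCH: private=$_fp_priv public=$_fp_pub" >&2
    return 1
}
```

Treating an unreadable key as its own exit status keeps a missing or corrupt file from being reported as a simple mismatch.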
More on SSH configs, checking signatures, etc. here.
*technically, a fingerprint is derived from a public key