Difference between revisions of "ssh-keygen"
(links, int & ext) |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
[[ssh-keygen]] is a [[Linux command]] for generating [[ssh]] keys. | [[ssh-keygen]] is a [[Linux command]] for generating [[ssh]] keys. | ||
| − | Just typing the command without any arguments will generate a new key in <code>~/.ssh/ | + | Just typing the command without any arguments will generate a new key-pair in <code>~/.ssh/</code> (a prompt offers to let you change this), with an optional passphrase (also queried by prompt). The files will be called <code>id_X</code> and <code>id_X.pub</code>, where X is replaced by whatever key type you choose ("rsa" was the default when last tested). |
It can also be used to remove conflicting entries from the <code>.known-hosts</code> file. | It can also be used to remove conflicting entries from the <code>.known-hosts</code> file. | ||
==Pages== | ==Pages== | ||
* {{l/manpage}} for this system | * {{l/manpage}} for this system | ||
| + | ===Notes=== | ||
| + | Note that there is bad syntax in the command format on the manpage. The manpage says: | ||
| + | ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] | ||
| + | The clause which begins with <code>[-t</code> implies that you could type "-t dsa" or "ecdsa" or "ed25519" or "rsa", but the actual choices are "-t dsa" or "-t ecdsa" or "-t ed25519" or "-t rsa". The actual syntax should be: | ||
| + | ssh-keygen [-q] [-b bits] [-t [dsa | ecdsa | ed25519 | rsa]] | ||
| + | ==How To== | ||
| + | To create a new ed25519 key: | ||
| + | ssh-keygen -t ed25519 | ||
==Links== | ==Links== | ||
* {{wikipedia}} | * {{wikipedia}} | ||
Latest revision as of 19:45, 18 April 2023
About
ssh-keygen is a Linux command for generating ssh keys.
Just typing the command without any arguments will generate a new key-pair in ~/.ssh/ (a prompt offers to let you change this), with an optional passphrase (also queried by prompt). The files will be called id_X and id_X.pub, where X is replaced by whatever key type you choose ("rsa" was the default when last tested).
It can also be used to remove conflicting entries from the .known-hosts file.
Pages
- manpage for this system
Notes
Note that there is bad syntax in the command format on the manpage. The manpage says:
ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]
The clause which begins with [-t implies that you could type "-t dsa" or "ecdsa" or "ed25519" or "rsa", but the actual choices are "-t dsa" or "-t ecdsa" or "-t ed25519" or "-t rsa". The actual syntax should be:
ssh-keygen [-q] [-b bits] [-t [dsa | ecdsa | ed25519 | rsa]]
How To
To create a new ed25519 key:
ssh-keygen -t ed25519