Generate key

Contents

Generate key#

SSH keys can be generated using the ssh-keygen utility. The following table shows utility’s most useful parameters.

Option

Description

-t type

Key type to create (rsa, ed25519, ecdsa). ed25519 is recommended.

-b bits

Number of bits in the key (e.g. 4096 for RSA). Ignored for ed25519.

-C comment

Comment to add to the key (e.g. your email for GitHub).

-f filename

File in which to save the key (default: ~/.ssh/id_<type>).

-N passphrase

New passphrase for the key (empty string for no passphrase).

-y

Read a private key and print the corresponding public key.

-l -f keyfile

Show fingerprint of the given public/private key file.

-E hash_alg

Fingerprint hash algorithm (md5, sha256). Default is sha256.

-p

Change the passphrase of a private key.

-R hostname

Remove all keys belonging to a hostname from ~/.ssh/known_hosts.

-F hostname

Search ~/.ssh/known_hosts for entries matching a hostname.

-A

Generate host keys of all types (used for SSH servers).

-q

Quiet mode – suppress most messages.

Comment (-C)#

The -C parameter allow you to set a comment that will be written to the public key file and can be used by third-party services.

Note: Some guides recommend using your exact email address here, but you can use whatever you like.

The following cell generates the ssh key and adds “some arbitrary comment” to it.

rm -rf /tmp/ssh_experiments
mkdir /tmp/ssh_experiments
ssh-keygen -C "some arbitrary comment" -f /tmp/ssh_experiments/my_super_key -N ""

Generating public/private ed25519 key pair.
Your identification has been saved in /tmp/ssh_experiments/my_super_key
Your public key has been saved in /tmp/ssh_experiments/my_super_key.pub
The key fingerprint is:
SHA256:C5HQJWqgLyHXGszLLtZTRHUfQHcmNWKmSfBwfiNHmQU some arbitrary comment
The key's randomart image is:
+--[ED25519 256]--+
|  . .oo=+*.E**   |
| + o.o.oB Oo* .  |
|+ = +.o  * =     |
|.= =.  .  + .    |
|. =  .. S        |
| o. .  . .       |
|...o    .        |
|..  .            |
|                 |
+----[SHA256]-----+

The following cell prints ssh key generated in the previous code.

cat /tmp/ssh_experiments/my_super_key.pub

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICzvRTr8SmN5lC2N5j1bVMNViBqR2VnG94HRjOrYJerq some arbitrary comment

After the ssh key, write the exact comment specified in the -C option as raw text.

Contents