Any intruder can use this information to get the fingerprint details of individual hostname.The content of known_hosts file would be in this formatġ0.10.10.10 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGlXmWjH3Ly6ty9O3hYeg8p/ld7Isl65DaoxqTclbPrAdvDKrsB12MJlJS7oNur2TNUKfU24N+UKn7fqyUeEGWZrIh2DIaPC2Msq132x2P3IBeposynhfBmk6ZoJi58WjddIInQnaAJ/OJZB2waOp+RdtW53lP7zkPTny6yOUYUmFuC93mEMTAf6CpHEoBsNB/OH8km11kpjbbZ4QUx/1shXNnXo5El0/2Cqn7g/s0hi1EuDysDxAj2BkH8fsNyHitNhattf6NIL4akKagcZUhY/9Oj3TikM05MR5Jf72w8EQTtr9vNMTkxlaz/G66GeJR0TAd7CUCux+7KJ8KSH6rġ92.168.43.22 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCGtytDuWTzCZJ4FGy5OBKTgYwllftrmgZ3Z+mSTTRmNVlTCEDygSzALLdtC7MEilv/ezTN2uA3HIC72jYegrMc=.This is used to verify the authenticity of the SSH connection.Every time you do SSH to another server, the SSH fingerprint for the secure connection is added to the client's ~/.ssh/known_hosts file.The comment in your key file has been changed.Ĭheck the new comment of your private key # ssh-keygen -lģ072 SHA256:JxBpArCDsIVME0HDtQG7FqFQefaS9ommeohVoEmg39g This is for (RSA) Key now has comment 'This is for 'Įnter new comment: This is for You can also change the existing comment of your private key using -c argument # ssh-keygen -c We can use -l to print the fingerprint and comment of the private key # ssh-keygen -lĮnter file in which the key is (/root/.ssh/id_rsa):ģ072 SHA256:JxBpArCDsIVME0HDtQG7FqFQefaS9ommeohVoEmg39g This is for (RSA) Use -C to generate keys with your custom comment # ssh-keygen -C "This is for " You can also add custom comment to your private key for more identification. Snippet from my terminal Generate SSH key and assign filename In this example my private key will be my-own-rsa-key and public key would be my-own-rsa-key.pub.This will create and keep the certificates in the current location from where you execute ssh-keygen tool.We can also create keys with custom filename using -f.By default ssh-keygen creates private key with the name id_rsa and public key as id_rsa.pub.Key has comment identification has been saved with the new passphrase. To automate this step you can use ssh-keygen with -f to provide the private key file, -P to define your old passphrase and -N to define new passphrase # ssh-keygen -p -f ~/.ssh/id_rsa -P "old_password" -N "new_password" In this example i will generate keys with 4096 bit size You can also specify the number of bits to be used for the keys by using -b In this example I am creating key pair of ED25519 typeīy default ssh-keygen generates SSH key with 2048 bit size.
Use -t argument to define the type of the key.You can create key with dsa, ecdsa, ed25519, or rsa type.By default ssh-keygen will create RSA type key.Snippet from my terminal Generate SSH Key without any arguments Next provided the passphrase, you can just press ENTER to create passphrase less key pair.The default naming syntax used for the private RSA key will be id_rsa and public key will be id_rsa.pub.The tool will create ~/.ssh if the directory does not exists already.The default location would be inside user's home folder under.The tool will prompt for the location to store the RSA key pairs.You can execute ssh-keygen without any arguments which will generate key pairs by default using RSA algorithm.Let us explore the ssh-keygen tool to generate different types of key pairs in Linuxġ. If you forgot the passphrase then there is no way to reset the passphrase and you must recreate new passphrase and place they key pairs at respective locations to re-activate public key authentication.If you wish to use SSH with public key authentication then use this once to create the authentication key in ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or ~/.ssh/id_rsa.This tool supports different arguments which can be used to create keys as per the requirement.
0 kommentar(er)
