Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

ssh-keygen - Generating and administering an RSA/DSA key pair

&pagelevel(4)&pagelevel

Syntax

ssh-keygen [-q] [-b <bits>] -t <type> [-N <new_passphrase>] [-C <comment>] 
           [-f <output_keyfile>] 
ssh-keygen -p [-P <old_passphrase>] [-N <new_passphrase>] [-f <keyfile>]
ssh-keygen -i [-f <input_keyfile>] 
ssh-keygen -e [-f <input_keyfile>] 
ssh-keygen -y [-f <input_keyfile>] 
ssh-keygen -c [-P <passphrase>] [-C <comment>] [-f <keyfile>] 
ssh-keygen -l [-f <input_keyfile>] 
ssh-keygen -B [-f <input_keyfile>] 
ssh-keygen -D <reader> 
ssh-keygen -U <reader> [-f <input_keyfile>] 
ssh-keygen -r <hostname> [-f <input_keyfile>] [-g] 
ssh-keygen -G <output_file> [-v] [-b <bits>] [-M <memory>] [-S <start_point>] 
ssh-keygen -T <output_file> -f <input_file> [-v] [-a <num_trials>] 
           [-W <generator>]

A detailed description of the operands is provided in the OpenSSH man pages.

Description

Each authentication algorithm requires its own key pair comprising a private and a public key. The ssh-keygen utility enables you to create such a key pair (RSA, DSA, ECDSA or Ed25519). You specify the authentication algorithm with the -t parameter.

ssh-keygen generates, administers and converts authentication keys for the OpenSSH client ssh. ssh-keygen can generate RSA or DSA keys.

Generally a user who wants to use OpenSSH with RSA or DSA authentication will start ssh-keygen in order to generate the authentication key in $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa, $HOME/.ssh/id_ecdsa oder $HOME/.ssh/id_ed25519. In addition, the system administrator can generate hot keys using ssh_keygen.

Private keys are saved under $HOME/.ssh/<identity>, public keys under $HOME/.ssh/<identity>.pub in the user’s directory. Here <identity> stands for

id_dsa ( -t dsa) for DSA and
id_rsa ( -t rsa) for RSA and
id_ecdsa (-t ecdsa) for ECDSA and
id_ed25519 (-t ed25519) for Ed25519

You can also give the file a different name:

  • When the keys are generated, ssh-keygen inquires the name of the file in which the private key is to be stored.

  • The file name for the public key is automatically adapted and given the extension “.pub”.

Further information on ssh-keygen can be found in the OpenSSH man pages.

Files

A description of the ssh-keygen files is provided in the OpenSSH man pages.

Powered by Atlassian Confluence and Scroll Viewport.