🖥️ssh-keygen

➡️This is a command-line reference manual for commands and command combinations that you don’t use often enough to remember it. This cheatsheet explains the ssh-keygen command with important options and switches using examples.

  3 minute read  

▁ ▂ ▃ ▄ ꧁ 🔴☠ COMMANDLINE-KUNGFU WITH CHEATSHEETS ☠🔴꧂▅ ▃ ▂ ▁

#      ███████╗███████╗██╗  ██╗      ██╗  ██╗███████╗██╗   ██╗ ██████╗ ███████╗███╗   ██╗
#      ██╔════╝██╔════╝██║  ██║      ██║ ██╔╝██╔════╝╚██╗ ██╔╝██╔════╝ ██╔════╝████╗  ██║
#      ███████╗███████╗███████║█████╗█████╔╝ █████╗   ╚████╔╝ ██║  ███╗█████╗  ██╔██╗ ██║
#      ╚════██║╚════██║██╔══██║╚════╝██╔═██╗ ██╔══╝    ╚██╔╝  ██║   ██║██╔══╝  ██║╚██╗██║
#      ███████║███████║██║  ██║      ██║  ██╗███████╗   ██║   ╚██████╔╝███████╗██║ ╚████║
#      ╚══════╝╚══════╝╚═╝  ╚═╝      ╚═╝  ╚═╝╚══════╝   ╚═╝    ╚═════╝ ╚══════╝╚═╝  ╚═══╝
                                                                                                  
                

# To generate an SSH key:
ssh-keygen -t rsa

# To generate a 4096-bit SSH key:
ssh-keygen -t rsa -b 4096

# To update a passphrase on a key
ssh-keygen -p -P old_passphrase -N new_passphrase -f /path/to/keyfile

# To remove a passphrase on a key
ssh-keygen -p -P old_passphrase -N '' -f /path/to/keyfile

# To generate a 4096 bit RSA key with a passphase and comment containing the user and hostname
ssh-keygen -t rsa -b 4096 -C "$USER@$HOSTNAME" -P passphrase

#==============================#
# CMD SSH-KEYGEN
#==============================##==============================#
ssh-keygen -F 10.0.0.23 -l
# List the cached ssh host key fingerprint for 10.0.0.23

ssh-keygen -f ~/.ssh/known_hosts -R 192.168.2.155
# If key have changed, with this command delete the entry

# Remove offending key from known_hosts file with one swift move
ssh-keygen -R <hostname>
# Explanation: The ssh-keygen tool comes with an option for this already, there is no need for esoteric one-liners that are hard to remember. Say you ssh server.example.com and its host key has changed because you just reinstalled it. Run ssh-keygen -R server.example.com then try to connect to the server again, you'll be presented with the option to save the host key just like new.

ssh-keygen -y -f user-key.pem | ssh user@host -i already_on_remote_server_key.pem 'cat >> ~/.ssh/authorized_keys'
# Append a pub key from pem file and save in remote server accessing with another key Useful if you need to add another key and you using pem files (typical in AWS EC2 Instances). If you use it in EC2 instances, remember that password authentication is disabled, so you have to use the first key generated when you generated the instance

        # sort -t@ -k2 emails.txt
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]
        # [email protected]

ssh-keygen -y -f privatekey.pem > publickey.pem
# Generate SSH public key from the private key

 
#==============================##==============================#
# CMD SSH-KEYGEN
#==============================##==============================#

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

  █║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌

              ██╗ ██╗ ██████╗  ██████╗ ██╗  ██╗███████╗██████╗
             ████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
             ╚██╔═██╔╝██║  ██║██║   ██║ ╚███╔╝ █████╗  ██║  ██║
             ████████╗██║  ██║██║   ██║ ██╔██╗ ██╔══╝  ██║  ██║
             ╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
              ╚═╝ ╚═╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═════╝

               █║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░