- Cheat Sheet and Example is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools






How to create/change ssh key (ssh-keygen)

SSH Algorithm

algorithm command key pair complement
RSA1 (ssh version1) ssh-keygen -t rsa1 -C "comment" Private Key : ~/.ssh/identity
Publick Key : ~/.ssh/
RSA (ssh version2) ssh-keygen -t rsa -C "comment" Private Key : ~/.ssh/id_rsa
Publick Key : ~/.ssh/
DSA (ssh version2) ssh-keygen -t dsa -C "comment" Private Key : ~/.ssh/id_dsa
Publick Key : ~/.ssh/
AWS does not support

How to Create a Public/Private Key Pair

$  ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa): id_rsa_test
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa_test.
Your public key has been saved in
The key fingerprint is:
83:ef:2d:29:2b:54:b8:9a:e0:74:04:e5:b0:xx:xx:xx test
$ ls
     -t type
             Specifies the type of key to create.  The possible values are “rsa1” for protocol version 1 and “dsa”,
             “ecdsa”, “ed25519”, or “rsa” for protocol version 2.

Traget Server Configuration

Method 1 (manual)
$ cd              # change home directory
$ chmod 700 .ssh
$ cat ~/.ssh/ >> ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
$ rm ~/.ssh/
Method 2 (ssh-copy-id)
$ ssh-copy-id
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/user1/.ssh/"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
user1@'s password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh ''"
and check to make sure that only the key(s) you wanted were added.

Method 3 (one liner)
$ cat ~/.ssh/ | ssh USER@x.x.x.x "mkdir -p ~/.ssh; cat >> ~/.ssh/authorized_keys"

Changing a private key passphrase



ssh-keygen -p   -P OLD_PASSPHRASE   -N ""   -f PRIVATE_KEY
-p      Requests changing the passphrase of a private key file instead of creating a new private key.

Change the format of a private key

Convert from putty private key to the OpenSSH format

ssh-keygen -i -f >

-i      This option will read an unencrypted private (or public) key file in the format specified by the -m option
        and print an OpenSSH compatible private (or public) key to stdout.

-f filename      Specifies the filename of the key file.

Convert from the OpenSSH format to putty private key

  1. Start “puttygen”
  2. [Load] for Load an existing private key file
  3. [Save private key]

Create a public key from a private key

ssh-keygen -y -f ~/.ssh/id_rsa >

-y      This option will read a private OpenSSH format file and print an OpenSSH public key to stdout.
-f filename      Specifies the filename of the key file.

protocol/ssh/create.html.txt · Last modified: 2021/09/13 by admin

Page Tools