Linux ssh-keygen and openssl commands

  • ssh-keygen
    This command will create a pair of private and public keys.
    It will ask for the location of the key and whether to use a passphrase.

    [oren@localhost ~]$ ssh-keygen 
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/oren/.ssh/id_rsa): 
    /home/oren/.ssh/id_rsa already exists.
    Overwrite (y/n)? y
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /home/oren/.ssh/id_rsa.
    Your public key has been saved in /home/oren/.ssh/
    The key fingerprint is:
    89:17:86:82:6c:7f:8b:b2:2c:0f:d3:52:30:e0:20:86 oren@localhost.localdomain
    The key's randomart image is:
    +--[ RSA 2048]----+
    |=.               |
    |E. .   .         |
    |o.+ . . o        |
    | + . . o o       |
    |  . . o S        |
    | o   o o         |
    |+ o . .          |
    |.= o             |
    | o+              |

    By default, it creates a key with a strength of 2048 bits.
    The two key files are:
    ~/.ssh/id_rsa  this is the private key
    ~/.ssh/ this is the public key, you upload this key to the server you want to connect with ssh.

  • if we want key stronger than 2048 bits, we can use the -b option.
    4096 bits is usually supported by most of the server, we create a key with this strength by running the following:

    ssh-keygen -b 4096
  • ssh-keygen -p
    we can use the -p option to remove or change the passphrase of the key file, as long as we know the passphrase.
  • ssh-keygen -l
    will display the ssh key fingerprint which is a unique cryptographic identifier.
  • openssl dhparam <bitSize> -text 
    find a prime number with the size of bitSize.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s