ssh-keygen questions - Page 1

Rob

Asked: 2020-05-01 14:05:48 +0800 CST

Ubuntu 20.04 ssh-keygen unknown option -G unable to generate Diffie-Hellman parameters

7

I have noticed that the ssh-keygen for ubuntu 20.04 is missing the options for generating the Diffie-Hellman parameters. This is normally part of SSH hardening. Does anyone know why it has disappeared?

Dustin Oprea

Asked: 2016-05-06 17:25:19 +0800 CST

Getting SHA1 Digest of SSH Public Key

8

It seems like this should be easy. I run "ssh-keygen -l -f " (the default seems to be SHA1). All of the examples show it printing the hex-formatted digest with a little extra, harmless information. Yet, on my Mac I'm getting a useless, opaque string.

I should mention that the "-E" parameter works on Mac (10.10) but is unavailable in Ubuntu (14.04). Keep that in mind if it doesn't work for you.

$ ssh-keygen -l -E md5 -f dustin.pem
2048 MD5:29:ed:da:d3:5a:8c:78:4f:62:d3:fd:0c:77:5b:6d:d9 dustin.pem.pub (RSA)

$ ssh-keygen -l -E sha1 -f dustin.pem
2048 SHA1:x2ENPL+vzVdlgkIyu0tAhVQ+H4U dustin.pem.pub (RSA)

$ ssh-keygen -l -E sha256 -f dustin.pem
2048 SHA256:agJs/axI8QPzet/eoPMDxLSf37fd1bgsMX4Di0gqMy4 dustin.pem.pub (RSA)

Both of the attempted SHA algorithms return opaque, but different, ASCII strings.

What am I missing? How do I get a SHA1 hex-digest without having to copy my key to a Linux system to do it?

Thanks.

splicer

Asked: 2011-05-09 10:19:37 +0800 CST

SSH keys: why is id_rsa larger than id_rsa.pub?

9

My private key (~/.ssh/id_rsa) is a 1766-byte file, but my public key (~/.ssh/id_rsa.pub) is only 396 bytes in length. Why the massive difference? Is it because the private key is encrypted using AES? Isn't AES ciphertext usually around the same length as the plaintext?

kch

Asked: 2009-08-06 23:29:25 +0800 CST

RSA or DSA: What's the definitive answer when generating SSH key pairs? [duplicate]

9

Possible Duplicate:
SSH keypair generation: RSA or DSA?

Some say use RSA, some say use DSA, some say it doesn't matter.

Some say one is more secure than the other, some say the reverse.

Some say it's a patent issue.

So, what's the real story here? Pros and cons, etc?
In the end either will do, but for the fastidious security-minded person, which one is a better fit?
Should one bother with mandating that the entire company use the same encryption?

Update

Ah, turns out this is an exact dupe of q40071, and the accepted answer there is ok.

kch

Asked: 2009-08-06 21:37:57 +0800 CST

How do I change my private key passphrase?

400

I have an existing public/private key pair. The private key is password protected, and the encryption may be either RSA or DSA. These keys are the kind you generate with ssh-keygen and generally store under ~/.ssh.

I'd like to change the private key's password. How do I go about it, on a standard Unix shell?

Also, how do I simply remove the password? Just change it to empty?

Ubuntu 20.04 ssh-keygen unknown option -G unable to generate Diffie-Hellman parameters

Getting SHA1 Digest of SSH Public Key

SSH keys: why is id_rsa larger than id_rsa.pub?

RSA or DSA: What's the definitive answer when generating SSH key pairs? [duplicate]

Update

How do I change my private key passphrase?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Questions[ssh-keygen](server)

Update