Differences between revisions 1 and 2
Revision 1 as of 2021-01-15 01:00:02
Size: 898
Editor: DominicRicottone
Comment:
Revision 2 as of 2021-01-15 01:06:26
Size: 1299
Editor: DominicRicottone
Comment:
Deletions are marked like this. Additions are marked like this.
Line 29: Line 29:
=== Legacy Format ===

OpenSSH 7.8+ uses a new format of SSH keys, which begin with `-----BEGIN OPENSSH PRIVATE KEY-----`. Some software are not prepared to parse this key format.

To generate a new key using the old format, add the `-m PEM` option.

To convert an existing key to the old format, try:

{{{
ssh-keygen -p -f ~/.ssh/id_rsa -m pem -P "" -N "" > ~/.ssh/id_rsa.legacy
}}}

SSH Keys

SSH Keys are used for password-less authentication. These carry a greater degree of security than password authentication, especially with careful control of your identity files.

Contents

  1. SSH Keys
    1. Installation
    2. Usage
      1. Server Configuration
      2. Legacy Format
      3. Commercial Services

Installation

To generate a new SSH key, try: 

ssh-keygen -t rsa -b 4096 -C "[email protected]"

Note that standards are always shifting. In the past, Github recommended a 2048 bits long key. Github now recommends the ed25519 algorithm, instead of rsa.

Usage

Server Configuration

Legacy Format

OpenSSH 7.8+ uses a new format of SSH keys, which begin with -----BEGIN OPENSSH PRIVATE KEY-----. Some software are not prepared to parse this key format.

To generate a new key using the old format, add the -m PEM option.

To convert an existing key to the old format, try: 

ssh-keygen -p -f ~/.ssh/id_rsa -m pem -P "" -N "" > ~/.ssh/id_rsa.legacy

Commercial Services

Github and Gitlab both allow SSH key authentication.

CategoryRicottone

Encryption/SSHKeyGen (last edited 2023-04-06 16:23:38 by DominicRicottone)