How do I validate an RSA SSH public key file (id_rsa.pub)?
148,949
You can use ssh-keygen
for this. Despite its name it can do many more things than generating keys:
dennis@lightning:~$ ssh-keygen -l -f .ssh/id_rsa.pub
2048 68:df:b2:22:d8:43:5d:36:75:c1:d8:59:c0:8c:22:e8 Dennis Kaarsemaker (RSA)
dennis@lightning:~$ ssh-keygen -l -f foo.txt
foo.txt is not a public key file.
Related videos on Youtube
Author by
Ryan
Updated on September 18, 2022Comments
-
Ryan almost 2 years
Is there a command I can use to verify the public key (id_rsa.pub), just the format only.
Sometimes I have added a new linebreak, sometimes the file missed the
ssh-rsa
prefix, so is there a command to validate with? -
Quazi Irfan over 7 yearsSo I have to have the fingerprint beforehand to validate the public key?
-
vidstige over 6 years@QuaziIrfan no, you do not need the fingerprint beforehand. The returncode of
ssh-keygen
will tell you whether it's valid or not. -
vidstige over 6 yearsDoes not work for keys with passwords :-(
-
slhck over 5 yearsNote that this also works on a file containing multiple keys, such as
~/.ssh/authorized_keys
. -
Jacopo about 4 yearsNote that ssh-keygen will also accept options before ssh-xxx (as in authorized_keys), which can potentially be dangerous: command="xxx", ...
-
Amory almost 4 yearsThe
[-E fingerprint_hash]
option is also useful if you want something other than the default, e.g.-E md5
or-E sha512