Detailed explanation of the basic usage of SSH's ssh-keygen command

SSH public key authentication is one of the SSH authentication methods. SSH password-free login can be achieved through public key authentication, and git's SSH method is also authenticated by public key.

In the home directory of the user directory, there is a .ssh directory. Almost all the files related to the current user's ssh configuration authentication are in this directory.

ssh-keygen can be used to generate the public and private key files required for ssh public key authentication.

When using ssh-keygen, please go to the ~/.ssh directory first. If it does not exist, please create it first. And make sure that the permissions of ~/.ssh and all parent directories cannot be greater than 711

Generated file name and location

Using ssh-kengen will generate two files in the ~/.ssh/ directory. When the file name and key type are not specified, the two files generated by default are:

id_rsa

id_rsa.pub

The first is the private key file and the second is the public key file.

When generating an ssh key, you can specify the file name of the generated file through the -f option, as follows:

[[email protected]]$ ssh-keygen -f test -C "test key"
               ~~File Name~~~~ Notes

If no file name is specified, you will be asked to enter one:

[[email protected]]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/huqiu/.ssh/id_rsa):

You can enter the file name you want, here we enter test.

After that, you will be asked if you need to enter a password. After entering the password, you will need to enter it every time thereafter. Please decide whether you need a password based on your security needs. If not, just press Enter:

[[email protected]]$ ssh-keygen -t rsa -f test -C "test key"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

If the file name is test, the result is:

[[email protected]]$ll test*
-rw------- 1 huqiu huqiu 1675 Sep 15 13:24 test
-rw-r--r-- 1 huqiu huqiu 390 Sep 15 13:24 test.pub

In the command generated above, the -C option is a comment in the public key file:

[[email protected]]$ cat test.pub
ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAQEAlgjiMw7AskxbvpQY9rmZPQxQBzh9laxFvbaini2EgmQkNsXBA9WJOXn2YBJauoiVsdUKBWA97avjsobrTxsCYvFr1yQQvTfTlbqlqGNIhQc/3HjTl2pIkClpDWvBrRN+jpyESS4MNbfOL1qjT4c/QhGvj6U6HrN6kUyn58oyyJpTzOLG74AZELJ2Led57QvTw1yJXZuAMWioR0A3BGd25fdocLX3ebux6ya8AsloOVYfsAqGlggrARe6FXjLfMH4a/nxaAdiDYVXU/Vr1ybK9P7SfyEDGJi3JtgiPUlA6vPxUC
E+9IJPQaqqeqCGzrJ6G/XO7om1v9YLLG/H/ZN2tQ== test key
                      ~~~~Remarks

In order for the private key file and public key file to work in authentication, please ensure that the permissions are correct.

For .ssh and its parent folder, the current user must have execute permission, and other users can only have execute permission at most.

The same is true for public and private key files: the current user must have execution permissions, and other users can only have execution permissions at most.

The above is the basic usage of SSH's ssh-keygen command. I hope it is useful to everyone. For more articles about the usage of ssh-keygen, please see the following related articles