hreese/ssh-keygen

## ssh-keygen
#Read multiple keys from an authorized_keys file and print the finger print

[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

#read a key from authorized key file
[root@server01 .ssh]# ssh-keygen -l -f authorized_keys
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)

#read finger print from remote server
[root@servers01 ~]# ssh-keygen -l -f /dev/stdin <<< `ssh-keyscan gateway.nerdplanet.org`
# gateway.nerdplanet.org SSH-2.0-OpenSSH_6.4
2048 9e:ca:e3:f6:6d:3b:66:4e:4f:ac:1b:b8:3f:9e:46:e5 gateway.nerdplanet.org (RSA)

#view finger print with random art images
[root@server01 .ssh]# ssh-keygen -lv -f authorized_keys
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)
+--[ RSA 2048]----+
|       .E.       |
|       . +       |
|      o = +      |
|     . + O       |
|      . S + .    |
|     . . = +     |
|      + + = .    |
|       + . o     |
|                 |
+-----------------+

#copy ssh public keys the easy way
ssh-copy-id -i .ssh/id_rsa.pub user@remote_host:

#Easy known hosts file management
ssh-keygen -R remote-host

##Verify private/public OpenSSH Keys
#public key verification
[-0-(mohan@linuxbox):~]$ssh-keygen -l -f test_ssh_key.pub
2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1  mohan@linuxbox (RSA)

#private key verification
[-0-(mohan@linuxbox):~]$eval $(ssh-agent)
Agent pid 32377
[-0-(mohan@linuxbox):~]$ssh-add test_ssh_key
Identity added: test_ssh_key (test_ssh_key)
[-255-(mohan@linuxbox):~]$ssh-add -l
2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1 test_ssh_key (RSA)

or
#regenerate publickey from private key and verify its finger print.
[-0-(mohan@linuxbox):~]$ssh-keygen -l -f /dev/stdin <<< $(ssh-keygen -y -f test_ssh_key)
2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1 /dev/stdin (RSA)

#setup ssh agent - lifetime can be h - hours, m - minutes, s-seconds
echo 'eval $(ssh-agent -t 3h)' >> ~/.bash_profile
ssh-add ~/.ssh/
ssh-add -l
	#Read multiple keys from an authorized_keys file and print the finger print

	[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys
	2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
	2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
	2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

	#read a key from authorized key file
	[root@server01 .ssh]# ssh-keygen -l -f authorized_keys
	2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)

	#read finger print from remote server
	[root@servers01 ~]# ssh-keygen -l -f /dev/stdin <<< `ssh-keyscan gateway.nerdplanet.org`
	# gateway.nerdplanet.org SSH-2.0-OpenSSH_6.4
	2048 9e:ca:e3:f6:6d:3b:66:4e:4f:ac:1b:b8:3f:9e:46:e5 gateway.nerdplanet.org (RSA)

	#view finger print with random art images
	[root@server01 .ssh]# ssh-keygen -lv -f authorized_keys
	2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)
	+--[ RSA 2048]----+
	\| .E. \|
	\| . + \|
	\| o = + \|
	\| . + O \|
	\| . S + . \|
	\| . . = + \|
	\| + + = . \|
	\| + . o \|
	\| \|
	+-----------------+

	#copy ssh public keys the easy way
	ssh-copy-id -i .ssh/id_rsa.pub user@remote_host:

	#Easy known hosts file management
	ssh-keygen -R remote-host

	##Verify private/public OpenSSH Keys
	#public key verification
	[-0-(mohan@linuxbox):~]$ssh-keygen -l -f test_ssh_key.pub
	2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1 mohan@linuxbox (RSA)

	#private key verification
	[-0-(mohan@linuxbox):~]$eval $(ssh-agent)
	Agent pid 32377
	[-0-(mohan@linuxbox):~]$ssh-add test_ssh_key
	Identity added: test_ssh_key (test_ssh_key)
	[-255-(mohan@linuxbox):~]$ssh-add -l
	2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1 test_ssh_key (RSA)

	or
	#regenerate publickey from private key and verify its finger print.
	[-0-(mohan@linuxbox):~]$ssh-keygen -l -f /dev/stdin <<< $(ssh-keygen -y -f test_ssh_key)
	2048 cc:95:23:50:91:f5:38:73:b5:e7:69:fe:bc:53:c6:b1 /dev/stdin (RSA)

	#setup ssh agent - lifetime can be h - hours, m - minutes, s-seconds
	echo 'eval $(ssh-agent -t 3h)' >> ~/.bash_profile
	ssh-add ~/.ssh/
	ssh-add -l