wheelq/keygen.sh

## keygen.sh
#!/usr/bin/env bash
# Author: Michal 'wheelq' Wiczynski <wheelq@gmail.com>
# Exit on error. Append "|| true" if you expect an error.
set -o errexit
# Exit on error inside any functions or subshells.
set -o errtrace
# Do not allow use of undefined vars. Use ${VAR:-} to use an undefined VAR
set -o nounset
# Catch the error in case mysqldump fails (but gzip succeeds) in `mysqldump |gzip`
set -o pipefail
# Turn on traces, useful while debugging but commented out by default
# set -o xtrace
#Oneliner:

#Keytypes + bits
#rsa -b 4096, dsa, ecdsa -b 521, ed25519
_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"
#Also, generate legacy version in PEM format by using -m PEM switch:
sleep 2;_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}_PEM" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -m PEM -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"

#-b : Specify number of bits. Higher!=better. ed25519 has fixed number of bits
#-N : Specify the password
#-q : Silent mode on
#-o : Save the private-key using the new OpenSSH format rather than the PEM format. Actually, this option is implied when you specify the key type as ed25519.
#-a: It’s the numbers of KDF (Key Derivation Function) rounds. Higher numbers result in slower passphrase verification, increasing the resistance to brute-force password cracking should the private-key be stolen.
#-t: Specifies the type of key to create, in our case the Ed25519.
#-f: Specify the filename of the generated key file. If you want it to be discovered automatically by the SSH agent, it must be stored in the default `.ssh` directory within your home directory.
#-C: An option to specify a comment. It’s purely informational and can be anything. But it’s usually filled with <login>@<hostname> who generated the key.

#Other options
##ssh-keygen -t rsa -b 4096
##ssh-keygen -t dsa
##ssh-keygen -t ecdsa -b 521
##ssh-keygen -t ed25519
##ssh-keygen -C "$(whoami)@$(hostname)-$(date -I)"
##ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
	#!/usr/bin/env bash
	# Author: Michal 'wheelq' Wiczynski <wheelq@gmail.com>
	# Exit on error. Append "\|\| true" if you expect an error.
	set -o errexit
	# Exit on error inside any functions or subshells.
	set -o errtrace
	# Do not allow use of undefined vars. Use ${VAR:-} to use an undefined VAR
	set -o nounset
	# Catch the error in case mysqldump fails (but gzip succeeds) in `mysqldump \|gzip`
	set -o pipefail
	# Turn on traces, useful while debugging but commented out by default
	# set -o xtrace
	#Oneliner:

	#Keytypes + bits
	#rsa -b 4096, dsa, ecdsa -b 521, ed25519
	_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"
	#Also, generate legacy version in PEM format by using -m PEM switch:
	sleep 2;_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}_PEM" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -m PEM -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"

	#-b : Specify number of bits. Higher!=better. ed25519 has fixed number of bits
	#-N : Specify the password
	#-q : Silent mode on
	#-o : Save the private-key using the new OpenSSH format rather than the PEM format. Actually, this option is implied when you specify the key type as ed25519.
	#-a: It’s the numbers of KDF (Key Derivation Function) rounds. Higher numbers result in slower passphrase verification, increasing the resistance to brute-force password cracking should the private-key be stolen.
	#-t: Specifies the type of key to create, in our case the Ed25519.
	#-f: Specify the filename of the generated key file. If you want it to be discovered automatically by the SSH agent, it must be stored in the default `.ssh` directory within your home directory.
	#-C: An option to specify a comment. It’s purely informational and can be anything. But it’s usually filled with <login>@<hostname> who generated the key.

	#Other options
	##ssh-keygen -t rsa -b 4096
	##ssh-keygen -t dsa
	##ssh-keygen -t ecdsa -b 521
	##ssh-keygen -t ed25519
	##ssh-keygen -C "$(whoami)@$(hostname)-$(date -I)"
	##ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"