Last active
August 24, 2019 15:55
-
-
Save wheelq/c199b1a2ea963653edf60c42aee31ea0 to your computer and use it in GitHub Desktop.
SSH rsa dsa ecdsa ed25519 keygen
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Author: Michal 'wheelq' Wiczynski <wheelq@gmail.com> | |
# Exit on error. Append "|| true" if you expect an error. | |
set -o errexit | |
# Exit on error inside any functions or subshells. | |
set -o errtrace | |
# Do not allow use of undefined vars. Use ${VAR:-} to use an undefined VAR | |
set -o nounset | |
# Catch the error in case mysqldump fails (but gzip succeeds) in `mysqldump |gzip` | |
set -o pipefail | |
# Turn on traces, useful while debugging but commented out by default | |
# set -o xtrace | |
#Oneliner: | |
#Keytypes + bits | |
#rsa -b 4096, dsa, ecdsa -b 521, ed25519 | |
_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair" | |
#Also, generate legacy version in PEM format by using -m PEM switch: | |
sleep 2;_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}_PEM" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -m PEM -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair" | |
#-b : Specify number of bits. Higher!=better. ed25519 has fixed number of bits | |
#-N : Specify the password | |
#-q : Silent mode on | |
#-o : Save the private-key using the new OpenSSH format rather than the PEM format. Actually, this option is implied when you specify the key type as ed25519. | |
#-a: It’s the numbers of KDF (Key Derivation Function) rounds. Higher numbers result in slower passphrase verification, increasing the resistance to brute-force password cracking should the private-key be stolen. | |
#-t: Specifies the type of key to create, in our case the Ed25519. | |
#-f: Specify the filename of the generated key file. If you want it to be discovered automatically by the SSH agent, it must be stored in the default `.ssh` directory within your home directory. | |
#-C: An option to specify a comment. It’s purely informational and can be anything. But it’s usually filled with <login>@<hostname> who generated the key. | |
#Other options | |
##ssh-keygen -t rsa -b 4096 | |
##ssh-keygen -t dsa | |
##ssh-keygen -t ecdsa -b 521 | |
##ssh-keygen -t ed25519 | |
##ssh-keygen -C "$(whoami)@$(hostname)-$(date -I)" | |
##ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment