@wheelq
Last active August 24, 2019 15:55
SSH rsa dsa ecdsa ed25519 keygen
#!/usr/bin/env bash
# Author: Michal 'wheelq' Wiczynski <wheelq@gmail.com>
# Exit on error. Append "|| true" if you expect an error.
set -o errexit
# Exit on error inside any functions or subshells.
set -o errtrace
# Do not allow use of undefined vars. Use ${VAR:-} to use an undefined VAR
set -o nounset
# Catch the error in case mysqldump fails (but gzip succeeds) in `mysqldump |gzip`
set -o pipefail
# Turn on traces, useful while debugging but commented out by default
# set -o xtrace
#Oneliner:
#Keytypes + bits
#rsa -b 4096, dsa, ecdsa -b 521, ed25519
_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -o -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"
#Also, generate a legacy version in PEM format by using the -m PEM switch.
#ed25519 keys are always written in the OpenSSH format, so -m PEM only changes the output for rsa, dsa and ecdsa; set _keytype accordingly.
sleep 2;_keytype="ed25519" && _date="$(date +%Y%m%d_%H%M%S)" && _keyfilename="${_date}_id_${_keytype}_PEM" && ssh-keygen -C "$(whoami)@$(hostname)-${_date}" -a 100 -t "${_keytype}" -f ~/.ssh/"${_keyfilename}" -N "" -m PEM -q && echo -e "Generated: ~/.ssh/${_keyfilename} keypair"
#-b: Specify the number of bits. Higher is not automatically better. ed25519 has a fixed key size, so -b is ignored for it.
#-N: Specify the new passphrase. -N "" (as used above) writes the private key unencrypted.
#-q: Quiet mode.
#-o: Save the private key using the new OpenSSH format rather than the PEM format. This option is implied when you specify the key type as ed25519, and OpenSSH 7.8 and later use the new format by default.
#-a: The number of KDF (Key Derivation Function) rounds. Higher numbers result in slower passphrase verification, increasing the resistance to brute-force password cracking should the private key be stolen. It has no effect when the passphrase is empty.
#-t: Specifies the type of key to create, in our case Ed25519.
#-f: Specify the filename of the generated key file. ssh and ssh-add only pick a key up automatically when it is stored in the default `.ssh` directory within your home directory under a default name such as id_ed25519; a custom name like the timestamped one above must be passed with -i or set as IdentityFile.
#-C: An option to specify a comment. It’s purely informational and can be anything, but it’s usually filled with the <login>@<hostname> that generated the key.
#Other options
##ssh-keygen -t rsa -b 4096
##ssh-keygen -t dsa   # legacy: DSA keys are limited to 1024 bits and disabled by default since OpenSSH 7.0
##ssh-keygen -t ecdsa -b 521
##ssh-keygen -t ed25519
##ssh-keygen -C "$(whoami)@$(hostname)-$(date -I)"
##ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
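
The option notes above separate the OpenSSH and PEM private-key formats and explain that `-N` sets the passphrase. The following is an added example, not part of the gist: a POSIX shell check that reads a key file's header and reports which format it is stored in and whether it is passphrase-protected. The names `key_status` and `audit_keys` are chosen here for illustration.

```bash
#!/bin/sh
# Added example, not from the gist: report how a private key file is stored.
# key_status FILE prints "<format> <encrypted|unencrypted>".

OPENSSH_MAGIC=6f70656e7373682d6b65792d763100  # hex of "openssh-key-v1" + NUL
CIPHER_NONE=000000046e6f6e65                  # uint32 length 4 + "none"

key_status() {
    first=$(sed -n '1p' "$1")
    second=$(sed -n '2p' "$1")
    case $first in
    "-----BEGIN OPENSSH PRIVATE KEY-----")
        # Decode the first 24 bytes of the body: magic, then the cipher name.
        hex=$(printf '%s' "$second" | cut -c1-32 | base64 -d 2>/dev/null |
              od -An -tx1 | tr -d ' \n')
        case $hex in
        "$OPENSSH_MAGIC$CIPHER_NONE"*) echo "openssh unencrypted" ;;
        "$OPENSSH_MAGIC"*)             echo "openssh encrypted" ;;
        *)                             echo "unknown unknown"; return 1 ;;
        esac ;;
    "-----BEGIN RSA PRIVATE KEY-----"|"-----BEGIN EC PRIVATE KEY-----"|\
    "-----BEGIN DSA PRIVATE KEY-----")
        # Legacy PEM marks passphrase protection with a Proc-Type header.
        case $second in
        "Proc-Type: 4,ENCRYPTED"*) echo "pem encrypted" ;;
        *)                         echo "pem unencrypted" ;;
        esac ;;
    "-----BEGIN ENCRYPTED PRIVATE KEY-----") echo "pkcs8 encrypted" ;;
    "-----BEGIN PRIVATE KEY-----")           echo "pkcs8 unencrypted" ;;
    *) echo "unknown unknown"; return 1 ;;
    esac
}

# List every private key in a directory (default ~/.ssh) with its status.
audit_keys() {
    for f in "${1:-$HOME/.ssh}"/*; do
        [ -f "$f" ] || continue
        case $f in *.pub) continue ;; esac
        status=$(key_status "$f") || continue   # skip non-key files
        echo "$f: $status"
    done
}

# Run as: sh key_audit.sh ~/.ssh   (the script name is an assumption)
if [ "$#" -gt 0 ]; then audit_keys "$1"; fi
```

Run against keys produced by the one-liners above, both the plain and the `_PEM` ed25519 files report `openssh unencrypted`, because `-N ""` was used and ed25519 has no PEM encoding.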