How do I access my SSH public key?
I’ve just generated my RSA key pair, and I wanted to add that key to GitHub. I tried cd id_rsa.pub and id_rsa.pub , but no luck. How can I access my SSH public key?
Yes, the other seems to be better positioned (based on the wording, etc.), it has more views and votes within shorter period of time which indicates it’s much more popular. See: Should I vote to close a duplicate question, even though it’s much newer, and has more up to date answers? Once duplicate, both answers could be merged into one.
24 Answers 24
cat ~/.ssh/id_rsa.pub or cat ~/.ssh/id_dsa.pub
You can list all the public keys you have by doing:
Even though I see the file in the place it’s referring to (C:/Users/Me/.ssh/.id_rsa.pub), these commands are producing an error: No such file or directory. I’m doing this from Git Bash, MyPC ~/.ssh
@sscirrus: In windows, you can use type command. Or just open the .pub file in notepad and paste it to github.
Copy the key to your clipboard.
Warning: it’s important to copy the key exactly without adding newlines or whitespace. Thankfully the pbcopy command makes it easy to perform this setup perfectly.
and paste it wherever you need.
sudo apt-get install -y xclip followed by alias pbcopy=»xclip -sel clip» and then pbcopy < ~/.ssh/id_rsa.pub OR simply xclip -selection clipboard < ~/.ssh/id_rsa.pub
You may try to run the following command to show your RSA fingerprint:
ssh-agent sh -c 'ssh-add; ssh-add -l' ssh-agent sh -c 'ssh-add; ssh-add -L' If you’ve the message: ‘The agent has no identities.’, then you’ve to generate your RSA key by ssh-keygen first.
Using ssh-add -L is by far the better option as not every SSH key is an RSA key sitting in the ~/.ssh folder. I much prefer to use my PGP key for authentication and so I do not have a ~/.ssh/id_rsa.pub file at all.
If you’re on Windows use the following, select all, and copy from a Notepad window:
Mac, Ubuntu, Linux compatible machines, use this command to print public key, then copy it:
Here’s how I found mine on OS X:
If that doesn’t work, do an ls and see what files are in there with a .pub extension.
On terminal cat ~/.ssh/id_rsa.pub
explanation
- cat is a standard Unix utility that reads files and prints output
- ~ Is your Home User path
- /.ssh — your hidden directory contains all your ssh certificates
- id_rsa.pub OR id_dsa.pub are RSA public keys, (the private key located on the client machine). the primary key for example can be used to enable cloning project from remote repository securely to your client end point.
After you generate your SSH key you can do:
which will copy your ssh key into your clipboard.
If you’re using windows, the command is:
type %userprofile%\.ssh\id_rsa.pubit should print the key (if you have one). You should copy the entire result. If none is present, then do:
ssh-keygen -t rsa -C "your.email@example.com" -b 4096If you are using Windows PowerShell, the easiest way is to:
That will copy the key to your clipboard for easy pasting.
So, in my instance, I use ed25519 since RSA is now fairly hackable:
cat ~/.ssh/id_ed25519.pub | clip Because I find myself doing this a lot, I created a function and set a simple alias I could remember in my PowerShell profile (learn more about PowerShell profiles here. Just add this to your Microsoft.PowerShell_profile.ps1 :
function Copy-SSHKey < Get-Content ~/.ssh/id_ed25519.pub | clip >Set_Alias -Name sshkey -Value Copy-SSHKey Then, in a PowerShell console, run . $profile to load the functions. Then from now on all you will need to do is run sshkey , and then paste the key into wherever you need via the clipboard.
If you only have your private key available, you can generate the public key from it:
ssh-keygen -y -f path/to/private_key The following command will save the SSH key on the clipboard. You only need to paste at the desired location.
Open your id_dsa.pub or some_name.pub file with gedit and copy-paste the contents!
When i do so, its opening a blank file. Its not showing any text in it. But when i browse through file manager, i’m able to see the text.
# sudo su # cd /home/user/.ssh .ssh# gedit id_rsa.pub Then copy the entire file without any spaces. Click your icon at the top right of the GitHub page, go to settings, and add ssh.
Paste the copy into the space. It may prompt for your GitHub password. Enter it. Save.
ssh-keygen -o -t rsa -b 4096 -C "email@example.com" And After that Just Copy And Paste
It can be found on this path (default path):
john is your Mac username.
It is very simple. After you generated ssh key on your computer, you can access your public ssh key by following command
You should see output similar to the following:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyVGaw1PuEl98f4/7Kq3O9ZIvDw2OFOSXAFVqilSFNkHlefm1iMtPeqsIBp2t9cbGUf55xNDULz/bD/4BCV43yZ5lh0cUYuXALg9NI29ui7PEGReXjSpNwUD6ceN/78YOK41KAcecq+SS0bJ4b4amKZIJG3JWmDKljtv1dmSBCrTmEAQaOorxqGGBYmZS7NQumRe4lav5r6wOs8OACMANE1ejkeZsGFzJFNqvr5DuHdDL5FAudW23me3BDmrM9ifUzzjl1Jwku3bnRaCcjaxH8oTumt1a00mWci/1qUlaVFft085yvVq7KZbF2OPPbl+erDW91+EZ2FgEi+v1/CSJ5 your_username@hostname Also note that the public key begins with ssh-rsa and ends with your_username@hostname.
How to Find SSH Public Key
In some situations, you may need to view the contents of your SSH keys. For example, you may need to view the contents of a public key to add it to remote services requiring SSH authentication, such as Google Cloud. This article shows you how to view SSH key contents using a simple cat command in Linux.
How to Generate an SSH Key
The first step to setting up an SSH key is to generate a pair. An SSH-key pair contains a public and private key. Using the public and private pair, you can authenticate a user to a remote host.
In Linux, use the following command to generate an SSH key pair:
The above command will require you to input information to set up and create the keys. If you are on unsecured networks or critical systems, be sure to encrypt your keys with a passphrase.
Generating public / private rsa key pair.
Enter file in which to save the key ( / home / ubuntu / .ssh / id_rsa ) :
Created directory ‘/home/ubuntu/.ssh’ .
Enter passphrase ( empty for no passphrase ) :
Enter same passphrase again:
Your identification has been saved in / home / ubuntu / .ssh / id_rsa
Your public key has been saved in / home / ubuntu / .ssh / id_rsa.pub
The key fingerprint is:
SHA256:hVkOnzk7nLWx3j4vqLv / B83tYN7w3juLAbFw610xh7Q ubuntu @ CSALEM
The key ‘s randomart image is:
+—[RSA 3072]—-+
| . . . |
| B o . o |
| o.Boo Eo.|
| oo=++ +|
| S =+o +.|
| .oo.* +|
| ..*.B |
| ..*.*|
| +=.ooOB|
+—-[SHA256]——+
NOTE: You must have the OpenSSH package installed on your system to use the ssh-keygen command.
How to View an SSH Key
The first method that you can use to view your SSH key is by using a simple cat command. This command will print the file’s contents, which you can copy and paste to the remote host. By default, SSH keys are stored in the /home/$USER/.ssh
The above command will print the contents of your SSH public key. The following is an example key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4P7J4iUnK+lbKeBxEJqgBaapI6 / tr2we9Ipr9QzYvAIzOyS396uYRhUldTL0sios0BlCes9k9FEU8 / ZFABaPlvr / UcM / vBlVpEv1uCkq1Rg48bK8nWuCBcLmy2B+MUoiXT / 0W51qT2fSYRUk0fafnxvBnqRidRdOpRZtxMKjvsSua+tU5AciEuYJ+L4X32UF2sHe6o+GzAyItK5ZzpneiEPfoHUSJ4N7+wUcrTI52NPrHmH11jzLPpMHxoqiDBzF2IIVxxU1GSioGAij7T5Sf6aWDOnBHnpeJBFujChg+p2WPlha+B2NaCt25eBtwPMMFQqmJ38xoPr1BCtF6ViOR1e2e7rk / +XML3ypZU8mawhJbl6IqfzRtn5C8dP6vGqMg30kW9vIp4GqlbGLMeAyuBsA45rNnVqxtiMXdKcHPvA+Mmbm+7YSXzoyQcuRUzJY9K+Y+ty7XQPmwYgvT7bvtFvC5B9wWAqt5qgmTToLp7qHLCXK+m / 6 rpJp7d57tGv0 = ubuntu @ UBUNTU
Another method that you can use to view the contents of your SSH key is by using the Open-SSH authentication tool with the command shown below:
This command will prompt you for an authentication password for the passphrase if one is assigned, as follows:
Enter passphrase for / home / ubuntu / .ssh / id_rsa:
Identity added: / home / ubuntu / .ssh / id_rsa ( ubuntu @ CSALEM )
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4P7J4iUnK+lbKeBxEJqgBaapI6 / tr2we9Ipr9QzYvAIzOyS396uYRhUldTL0sios0BlCes9k9FEU8 / ZFABaPlvr / UcM / vBlVpEv1uCkq1Rg48bK8nWuCBcLmy2B+MUoiXT / 0W51qT2fSYRUk0fafnxvBnqRidRdOpRZtxMKjvsSua+tU5AciEuYJ+L4X32UF2sHe6o+GzAyItK5ZzpneiEPfoHUSJ4N7+wUcrTI52NPrHmH11jzLPpMHxoqiDBzF2IIVxxU1GSioGAij7T5Sf6aWDOnBHnpeJBFujChg+p2WPlha+B2NaCt25eBtwPMMFQqmJ38xoPr1BCtF6ViOR1e2e7rk / +XML3ypZU8mawhJbl6IqfzRtn5C8dP6vGqMg30kW9vIp4GqlbGLMeAyuBsA45rNnVqxtiMXdKcHPvA+Mmbm+7YSXzoyQcuRUzJY9K+Y+ty7XQPmwYgvT7bvtFvC5B9wWAqt5qgmTToLp7qHLCXK+m / 6 rpJp7d57tGv0 = ubuntu @ UBUNTU
Conclusion
This article showed you how to generate an SSH key, as well as two methods that you can use to view the content of an SSH key. For the most part, you will only need to view the content within public keys, and not private keys. Always make sure to protect your SSH keys at all times. Secure your Shell!
About the author
John Otieno
My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list
Can I find out which ssh key was used to access an account?
Is it possible to find out which ssh key was used to access an account? I have an account on a server that I let several (trusted!) people have access to via ssh. I’d find it useful to be able to know who logged in and when. I have root access so I can look at the logs, but there doesn’t seem to be anything there. Is there some configuration switch that will put some way of identifying the key in the logs?
It would be amazingly useful to be able to find out which key was used to authorize the current session — in my case, for access control on a Mercurial repository accessed through a shared login. All the existing techniques involve threading the identity through a command option, which is a bit clunky.
In case someone wants to detect the currently used ssh key from within the current ssh session you may have a look at my answer to a similar question on serverfault. I post this as a comment here because it’s not the same question, just highly related.
7 Answers 7
If you go into the sshd config file (usually /etc/ssh/sshd_config ) and change the LogLevel directive to VERBOSE:
. you can see something like this in the logs:
Jun 24 22:43:42 localhost sshd[29779]: Found matching RSA key: d8:d5:f3:5a:7e:27:42:91:e6:a5:e6:9e:f9:fd:d3:ce
Jun 24 22:43:42 localhost sshd[29779]: Accepted publickey for caleb from 127.0.0.1 port 59630 ssh2
LogLevel Gives the verbosity level that is used when logging messages from sshd(8). The possible values are: QUIET, FATAL, ERROR, INFO, VER- BOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. Logging with a DEBUG level vio- lates the privacy of users and is not recommended. For printing fingerprint of current session: sed -ne «/sshd.$PPID. *matching DSA key/» /var/log/auth.log
@F.Hauri, Unless I’m missing something, wouldn’t that return the wrong thing if a PID is reused for a second SSH session? It looks like it will always return the earliest fingerprint for the given PID in auth.log rather than the latest.
This will only list the fingerprint. If you want to get fingerprint, you can run ssh-keygen -E md5 -lf /root/.ssh/authorized_keys .
Somewhat similar to @user37161’s answer. If the shared account is running a custom shell and the shell needs to know what user is there, then running the «wrapper» script might not be sufficient, since information there isn’t passed into the custom shell except through methods that could cause race conditions.
Instead you can use the environment= option in authorized_keys file to set an environment variable, which the custom shell can then read.
Inside your .ssh/authorized_keys file, prepend each line with an environment variable set, like the following:
environment="REMOTEUSER=jrhacker" ssh-rsa . environment="REMOTEUSER=jbloggs" ssh-rsa . Then the custom shell, or any of the various rc scripts, can read the $REMOTEUSER variable and take the appropriate action.
However, note that if you’re using a standard shell, then the logged-in user is capable of modifying the file to thwart various things. Also, there is some risks in allowing users to set environment variables such as LDPRELOAD . See the sshd_config documentation about PermitUserEnvironment .