 

How to execute ssh-keygen without prompt

I want to automate generating a pair of SSH keys using a shell script on CentOS 7, and I have tried

    yes "y" | ssh-keygen -t rsa
    echo "\n\n\n" | ssh-keygen...
    echo | ssh-keygen..

All of these commands don't work; they just input one 'enter' and the shell script stopped on "Enter passphrase (empty for no passphrase)". I just want to know how to simulate multiple 'enter' in shell continuously.

Many thanks if anyone can help !

Jeremy Wang asked Apr 05 '17 15:04




2 Answers

We need to accomplish two steps automatically:

  1. Enter a passphrase. Use the -N flag (void string for this example):

    ssh-keygen -t rsa -N ''

  2. Overwrite the key file:

Use -f to enter the path (in this example id_rsa) plus a here-string to answer yes to the following question:

    ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1

Or, under a bash-like shell, if you certainly want to overwrite the previous one, use just a here-string to feed the command with all the needed input:

    ssh-keygen -q -t rsa -N '' <<< $'\ny' >/dev/null 2>&1

From ssh-keygen man page:

    -N new_passphrase provides the new passphrase.
    -q                silence ssh-keygen.
    -f filename       specifies the filename of the key file.

Step by step explanation

    $ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/klashxx/.ssh/id_rsa):

1) To avoid entering the key use -f:

    $ ssh-keygen -t rsa -f ~/.ssh/id_rsa
    Generating public/private rsa key pair.
    /home/klashxx/.ssh/id_rsa already exists.
    Overwrite (y/n)?

ATTENTION: If you don't care about the RSA file name and certainly want to overwrite the previous one, check the instructions below point four.

2) Now we need to answer "y" automatically to the overwrite question (let's use a here-string for that job):

    $ ssh-keygen -t rsa -f ~/.ssh/id_rsa <<< y
    Generating public/private rsa key pair.
    /home/klashxx/.ssh/id_rsa already exists.
    Overwrite (y/n)? Enter passphrase (empty for no passphrase):

3) Finally we're going to use the -N flag to enter a void pass:

    $ ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<< y
    Generating public/private rsa key pair.
    /home/klashxx/.ssh/id_rsa already exists.
    Overwrite (y/n)? Your identification has been saved in /home/klashxx/.ssh/id_rsa.
    Your public key has been saved in /home/klashxx/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:Xo0t6caMB/8TSsigxfY28JIfqYjyqxRZrFrPncx5yiU klashxx@server
    The key's randomart image is:
    +---[RSA 2048]----+
    |                 |
    |  .              |
    |   o .           |
    |  +   *    =     |
    | +.  + BSo= o    |
    |...o.+o+XO...    |
    |.. .o.E==+B. .   |
    |o . ...=.o...    |
    |.+o.  o     ..   |
    +----[SHA256]-----+

4) Extra ball, clean up the output, just check the return code:

    $ ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1
    $ echo $?
    0

An alternative path to overwrite the previous RSA file (no -f flag needed)

NOTE: Only bash like shells.

If you don't care about the RSA name and just want to overwrite it, we need to answer these two questions automatically:

  1. Enter file in which to save the key: /example/path/.ssh/id_rsa already exists.

  2. Overwrite (y/n)?

If we do this by hand, for the first question we just need to hit enter, and for the second, type y and press enter.

We can simulate these actions by using the following here-string:

$'\ny'

From the bash man page:

Words of the form $'string' are treated specially. The word expands to "string", with backslash-escaped characters replaced as specified by the ANSI C standard.

\n new line

So, if we use od to analyze our string:

    cat - <<< $'\ny' | od -c
    0000000  \n   y  \n

We see that we're getting just what we need to answer the questions.

Points 1 and 2 can be summarized into:

    ssh-keygen -q -t rsa  <<< $'\ny'

And the final command will be:

    $ ssh-keygen -q -t rsa -N '' <<< $'\ny' >/dev/null 2>&1
    $ echo $?
    0

Kudos

@lukasz-dynowski, @redochka, @mellow-yellow, @yeti and the rest of the folks in this thread.

Juan Diego Godoy Robles answered Oct 05 '22 04:10


If you don't want to prompt the user for a file in which to save the key, then you can add the file output flag -f to the command.

    ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa

This way the user will not be prompted for any input, unless id_rsa file(s) already exist.

Lukasz Dynowski answered Oct 05 '22 06:10
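
Both answers leave one case to the caller: an existing id_rsa either brings back the "Overwrite (y/n)?" prompt or is replaced without notice. The wrapper below is an added example, not code from either answer; it checks for the key first so that ssh-keygen never prompts and an existing key is never overwritten. The function name ensure_ssh_key and its return codes are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: idempotent, prompt-free key generation.
# ensure_ssh_key and its return codes are hypothetical, not an OpenSSH API.
#
# ensure_ssh_key KEYFILE [COMMENT]
#   returns 0  new key pair created
#           1  ssh-keygen failed or the key pair is incomplete
#           2  a key already exists at KEYFILE and was left untouched
ensure_ssh_key() {
    local keyfile=$1
    local comment=${2:-"$(id -un)@$(uname -n)"}
    local keydir
    keydir=$(dirname -- "$keyfile")

    # Decide before calling ssh-keygen, so the "Overwrite (y/n)?" prompt
    # is never reached and a key that is already deployed is not replaced.
    if [ -e "$keyfile" ] || [ -e "$keyfile.pub" ]; then
        return 2
    fi

    # A directory created here gets mode 700 through the umask.
    ( umask 077 && mkdir -p -- "$keydir" ) || return 1

    # -f fixes the path, -N '' sets an empty passphrase (as in the answers
    # above; the private key is then protected only by file permissions),
    # -q silences the banner. stdin is /dev/null so an unexpected prompt
    # makes the command fail instead of hanging an unattended script.
    ( umask 077 && ssh-keygen -q -t rsa -N '' -C "$comment" -f "$keyfile" ) \
        </dev/null >/dev/null 2>&1 || return 1

    # Both halves must be present and non-empty before the key is used.
    [ -s "$keyfile" ] && [ -s "$keyfile.pub" ] || return 1
    return 0
}

# Usage in a provisioning script:
#   ensure_ssh_key "$HOME/.ssh/id_rsa"
#   case $? in 0) echo created ;; 2) echo kept ;; *) exit 1 ;; esac
```

Return code 2 lets the calling script tell "key already present" apart from a real failure, which the plain `echo $?` check in the first answer cannot do.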