I am trying to call ssh-keygen using a variable through bash as an input instead of a file to get a fingerprint of a public key. I am aware that I could use a temp file to get around this issue, but for reasons out of scope of this question, I do not want to.
This method does not work as it says the key file is invalid (it's correct for sure)
echo $pubkey | ssh-keygen -lf /dev/stdin
This does work, but is not using a variable, rather a file.
ssh-keygen -lf alpha.pub
This does work, but is not using a variable, rather a redirected file.
ssh-keygen -lf /dev/stdin < alpha.pub
This does not work because I get an ambiguous redirect
ssh-keygen -lf /dev/stdin < $(echo $pubkey)
I would appreciate some insight as to how to get ssh-keygen to read from a variable with a public key and, if possible, an explanation as to why the redirects aren't doing what I think they should be doing. Specifically, why the | behaves differently than the < and why the third example is an ambiguous redirect. I searched online but many of the redirect tutorials didn't seem to answer my questions.
The supported key formats are: “RFC4716” (RFC 4716/SSH2 public or private key), “PKCS8” (PKCS8 public or private key) or “PEM” (PEM public key). By default OpenSSH will write newly-generated private keys in its own format, but when converting public keys for export the default format is “RFC4716”.
Generating an SSH key: Navigate to the Triton Portal and open the Account Summary. From the SSH section, select Create SSH Key. In the Create SSH Key dialog, enter a Key Name and then select Create Key. The private and public SSH key pairs generate.
Conclusion. When it comes down to it, the choice is between RSA 2048/4096 and Ed25519 and the trade-off is between performance and compatibility. RSA is universally supported among SSH clients while EdDSA performs much faster and provides the same level of security with significantly smaller keys.
ssh-keygen, the OpenSSH command used to generate keys, uses the OpenSSL library, so there's really no difference between the two methods. You can safely use ssh-keygen which is the default and more immediate tool to create a key pair for SSH pubkey authentication. OpenSSH can be built without OpenSSL since 2014.
echo $pubkey | ssh-keygen -lf /dev/stdin
/dev/stdin is not a public key file.
/dev/stdin is actually a unix pipe, not a regular file, so ssh-keygen fails to open the file.
ssh-keygen -lf /dev/stdin <<<$key
1024 92:6a:3f:5c:1f:78:.....
/dev/stdin refers to a regular file, created by using a bash heredoc. You can verify this:
# ls -l /dev/stdin <<<$pubkey
lrwxrwxrwx 1 root root 15 Feb 11 08:07 /dev/stdin -> /proc/self/fd/0
# ls -l /proc/self/fd/0 <<<$pubkey
lr-x------ 1 juergen juergen 64 Apr 14 13:31 /proc/self/fd/0 -> /tmp/sh-thd-1271250023 (deleted)
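The pipe-versus-regular-file distinction from the answer and the "ambiguous redirect" from the question can be checked directly. This is an added example, not code from the original post: the function names and the placeholder key are assumptions, and `fingerprint_var` relies on `ssh-keygen -lf -` (reads standard input, OpenSSH 7.2 and later).

```shell
#!/bin/sh
# Added example; stdin_kind, word_count and fingerprint_var are hypothetical names.

# Report what kind of object fd 0 is, which is what /dev/stdin resolves to.
stdin_kind() {
    if   [ -p /dev/stdin ]; then echo pipe
    elif [ -f /dev/stdin ]; then echo regular
    elif [ -c /dev/stdin ]; then echo chardev
    else echo other
    fi
}

# Count the words an unquoted expansion produces. In bash a redirect target
# must expand to exactly one word; anything else is an "ambiguous redirect".
# A public key line (type, blob, comment) splits into several words, and
# "<" expects a file NAME anyway, not file contents.
word_count() {
    # shellcheck disable=SC2086  # word splitting is the point here
    set -- $1
    echo "$#"
}

# Fingerprint a public key held in a variable without a temp file.
# Quoting "$1" keeps the key line intact; "-f -" tells ssh-keygen to read stdin.
fingerprint_var() {
    printf '%s\n' "$1" | ssh-keygen -lf -
}

# Constructed placeholder, not a real key: enough to show the shell behaviour.
pubkey='ssh-ed25519 AAAAC3PLACEHOLDER user@example'
echo "stdin behind a pipe: $(printf '%s\n' "$pubkey" | stdin_kind)"
echo "words when unquoted: $(word_count "$pubkey")"
```

With a real key in `pubkey`, `fingerprint_var "$pubkey"` prints its fingerprint. In bash, `stdin_kind <<<"$pubkey"` shows how your shell version backs a here-string.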