I added a ssh key.
ssh-keygen -t rsa -b 4096 -C "my email"
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\user-name/.ssh/id_rsa):testkey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in testkey.
Your public key has been saved in testkey.pub.
I tried commands like ls -al ~/.ssh and cat ~/.ssh/id_rsa.pub to find it. Didn't help.
Than i created a .ssh folder in my user directory using mkdir ${HOME}/.ssh and tied to create another SSH key. I did it in VS Code so it told me
testkey already exists.
Overwrite (y/n)?
Then i decided to cat testkey.pub and it returned me a key. Than i checked my local repo and found 2 files testkey and testkey.pub
So why it can't save in C:\Users\user-name/.ssh/id_rsa ?
I obviously don't want to store it my local project repo
I am still learning. Was watching Course about Git but got stuck on 22:00 with this problem
Enter file in which to save the key (C:\Users\user-name/.ssh/id_rsa):testkey
You entered filename without full path so ssh-keygen saves the keypair in the current directory. The answer should be
Enter file in which to save the key (C:\Users\user-name/.ssh/id_rsa):C:\Users\user-name/.ssh/testkey
Or
C:
cd \Users\user-name\.ssh
ssh-keygen
Enter file in which to save the key (C:\Users\user-name/.ssh/id_rsa):testkey
I'm trying to store (append) the public key to a file (~/.ssh/authorized_keys) for a private key (private-key.pem) that actually is stored in s3, all using bash script.
Retrieving public key using a file:
ssh-keygen -y -f /path/to/private-key.pem
Output:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE
Then manually add the content to the dest file, this is fine, but I want to do it with a command, retrieving a file stored in a s3 (public url) and append the content output to a file (~/.ssh/authorized_keys).
I tried this:
ssh-keygen -y -f /dev/stdin <<< `curl https://bucket.s3.amazonaws.com/private-key.pem` >> ~/.ssh/authorized_keys
Output:
Load key "/dev/stdin": invalid format
And this:
curl https://bucket.s3.amazonaws.com/private-key.pem | ssh-keygen -y -f /dev/stdin >> ~/.ssh/authorized_keys
Output:
Permissions 0660 for '/dev/stdin' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/dev/stdin": bad permissions
After looking other related question, found that fifo or named pipes can have permissions, so I tried this and worked as expected, hope it helps anyone.
create named pipe with permission (pipe with name fifo)
mkfifo -m 600 fifo
run command pointing that pipe
curl -s https://bucket.s3.amazonaws.com/private-key.pem > fifo | ssh-keygen -y -f fifo >> ~/.ssh/authorized_keys
all in one command
mkfifo -m 600 fifo && curl -s https://bucket.s3.amazonaws.com/private-key.pem > fifo | ssh-keygen -y -f fifo >> ~/.ssh/authorized_keys
I have a private key under ~/.ssh/id_rsa. Running ssh-keygen -l -f ~/.ssh/id_rsa confirms that the key is valid.
I'm trying to create another file containing this key. For example,
cp ~/.ssh/id_rsa ~/.ssh/id_rsa.dupe
chmod 0400 ~/.ssh/id_rsa (to make permissions the same for both files)
But when I run ssh-keygen -l -f ~/.ssh/id_rsa.dupe, I get ~/.ssh/id_rsa.dupe is not a key file.
This is expected behavior. ssh-keygen -l refers to a public key file, per its documentation:
-l Show fingerprint of specified public key file.
If you want to generate a private key and generate a public key, you can use -y to do that:
ssh-keygen -y -f ~/.ssh/id_rsa.dupe >~/.ssh/id_rsa.dupe.pub
ssh-keygen -l -f ~/.ssh/id_rsa.dupe.pub
What does the ssh-copy-id command do, exactly? I've used it numerous times and it works great. However, when I try to manually cut and paste my .pub keyfile to my remote authorized_keys, it doesn't work.
I've compared the contents of my authorized_keys file where I've cut and pasted the .pub into it vs subsequently using ssh-copy-id and I'm not seeing any differences between the two, including whitespace.
Is there anything that ssh-copy-id does beyond copying the public key into authorized_keys?
This little one liner script works on sh, bash, and zsh. I use it every time there is no ssh-copy-id, for example when I'm on older version of OSX.
cat ~/.ssh/id_rsa.pub | ssh <user>#<hostname> 'cat >> ~/.ssh/authorized_keys'
How it works
I am sending the public keay to the Unix standard output (STDOUT) using the cat command. I then connect the STDOUT of cat to the standard input (STDIN) of the ssh.
The ssh executes the cat command on the server. Remember that the we have our key in the STDIN now? This key gets passed from ssh to the cat command executed on a server. The >> operator redirects the STDOUT of the cat to the end of the ~/.ssh/authorized_keys file. This way the key from public keys is appended to the authorized_keys on the server.
IMO It's better than manual copying and pasting: in this case you know exactly what content will end up in the file
I usually copy-paste keys into authorized_keys as you describe (I forget about ssh-copy-id), so it can work. Note thatchmod 600 ~/.ssh/authorized_keys is required if you're creating the file.
ssh-copy-id is a shell script so you can open it in a text editor to see what it does, this looks like the relevant bit:
printf '%s\n' "$NEW_IDS" | ssh "$#" "
umask 077 ;
mkdir -p .ssh && cat >> .ssh/authorized_keys || exit 1 ;
if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi"
restorecon in the last line restores default SELinux security contexts. I haven't had to run that, but it might be necessary in your case.
I am trying to copy a public key to the clipboard on macOS, but I keep getting "no such file or directory." The command I am using is pasted below
pbcopy < ~/.ssh/id_rsa.pub
cat ~/.ssh/id_rsa.pub
then you can copy your ssh key
To copy your public key to the clipboard
cat ~/.ssh/id_rsa.pub | pbcopy
This pipes the output of the file to pbcopy.
Another alternative solution, that is recommended in the github help pages:
pbcopy < ~/.ssh/id_rsa.pub
Should this fail, I recommend using their docs to trouble shoot or generate a new key - if not already done.
Github docs
Check the path where you have generated the public key. You can also copy the id_rsa by using this command:
clip < ~/.ssh/id_rsa.pub
Your command is right, but the error shows that you didn't create your ssh key yet. To generate new ssh key enter the following command into the terminal.
ssh-keygen
After entering the command then you will be asked to enter file name and passphrase. Normally you don't need to change this. Just press enter. Then your key will be generated in ~/.ssh directory. After this, you can copy your key by the following command.
pbcopy < ~/.ssh/id_rsa.pub
or
cat .ssh/id_rsa.pub | pbcopy
You can find more about this here ssh.
For using Git bash on Windows:
cat ~/.ssh/id_rsa.pub > /dev/clipboard
(modified from Jupiter St John's post on Coderwall)
Windows:
cat ~/.ssh/id_rsa.pub
Mac OS:
cat ~/.ssh/id_rsa.pub | pbcopy
With PowerShell on Windows, you can use:
Get-Content ~/.ssh/id_rsa.pub | Set-Clipboard
To copy your public ssh key on a Windows machine you can do:
Go to the "/ssh" folder
cd C:\Users\<your-user>\.ssh\
List to see the keys
ls ~/.ssh
Copy the public key to clipboard(starts with "id_" and ends with ".pub")
type id_xxxxxxx.pub | clip
Does the file ~/.ssh/id_rsa.pub exist? If not, you need to generate one first:
ssh-keygen -t rsa -C "your_email#example.com"
Another alternative solution:
cat ~/.ssh/id_rsa.pub | xsel -i -b
From man xsel :
-i, --input
read standard input into the selection.
-b, --clipboard
operate on the CLIPBOARD selection.
Although the OP mentions one possible ssh key file name (id_rsa.pub), no one has mentioned that there are different possible names for your ssh key.
Github accepts three, for example:
id_rsa.pub
id_ecdsa.pub
id_ed25519.pub
You would be better off checking if you have any keys, such as:
$ ls -al ~/.ssh
# Lists the files in your .ssh directory, if they exist
Based on what you find, then use your copy command, such as
pbcopy < ~/.ssh/<your_key>
See Github's Documentation on checking for existing keys.
cat .ssh/id_rsa.pub | bcopy
This works for me.