Profile picture
Sidharth R

One Line Command to Create an SSH Key

Updated: ⚬ Page views: loading...

Of late, I have been creating a lot of SSH keys. I am tired of answering each question that one gets asked during such a process. So, I thought of looking up all the switches (options) for the ssh-keygen command so that I can specify everything at once.

Here is the command:

For bash:

ssh-keygen -t ed25519 -b 4096 -C "you@mail.com for Gitlab" -N "" -f "/home/usr/.ssh/key"

For powershell:

ssh-keygen -t ed25519 -b 4096 -C "you@mail.com for Gitlab" -N '""' -f "C:\Users\uname\.ssh\keyname"

Description

The above command generates an SSH key pair using the ed25519 algorithm with a 4096-bit key length, and saves the private and public keys with the specified name (and location).

Here is a full breakdown of the command:

  • ssh-keygen: The command used to generate an SSH key pair.

  • -t ed25519: This specifies the type of algorithm to use for generating the key pair. In this case, it’s ed25519, which is a newer and more secure algorithm than the default RSA.

  • -b 4096: This specifies the length of the key in bits. A longer key is generally more secure, and 4096 bits is currently considered a safe key length.

  • -N ‘""’: The N option specifies the passphrase. In this case, we are adding an empty string (""), which will bypass the passphrase prompt.

  • -C you@mail.com: This adds a comment to the public key, which can be useful for distinguishing a key from others or for providing additional information a key.

  • -f “C:\Users\uname\.ssh\keyname”: This specifies the file name and location where the key pair should be saved. In this case, the file path is for a Windows system, which uses backslashes as path separators. For a Linux based OS, it is usually, ~/.ssh/KEY_FILENAME.

Note: if the specified directory does not exist, it will be created automatically.

Keep in mind that generating an SSH key without a passphrase is less secure because anyone who gains access to your private key will have unrestricted access to any system that trusts your public key. Only generate an SSH key without a passphrase if you have a good reason and understand the security implications.