Talk:Ssh-keygen

Open questions

• Sometimes, this article calls $HOME/.ssh/id_rsa/$HOME/.ssh/id_dsa the private key, sometimes authentication identity. Is this correct?
• This article currently has the following two statements
  • The private key was saved in .ssh/id_rsa file which is the read-only file. No one else must see the content of that file, as it is used to decrypt all correspondence encrypted with the public key.
  • This file should not be readable by anyone but the user.
    • Considering the fact that home directories are not file-system encrypted by default, isn't it a security flaw to have this file stored in the file system?
    • Why is there a private key when there also is a passphrase?

--Abdull (talk) 16:31, 5 April 2012 (UTC)

I would prefer to see the private key called that consistently, but it is correct to call that your "authentication identity".

As for the security implications of storing your private key on the filesystem - yes, that has some level of insecurity. Maybe you don't trust your system administrator to not copy your private key (you can solve that by having a passphrase). Maybe you don't trust that your kernel hasn't been hacked and will transfer your private key to the mafia. And so on. At some point, the key will need to be loaded into memory. If you can't trust your computer to do that securely, then why are you using it at all?

As long as only you and root can read the file, you should be safe-ish. If you don't trust root (and unless you and only you are root, you shouldn't), then you should have a passphrase on your key. (You can think of having a passphrase on your key like keeping your key inside a safe. You'll need to know the safe's combination to get the key, which you can then use to access the server. Unless root takes your key, and also knows the passphrase, you're ok)

209.217.100.70 (talk) 20:19, 23 April 2012 (UTC)

• I think id_rsa stores BOTH the private key and the public key, because even if I delete the id_rsa.pub file, I can still connect to the server. How would it be possible if the public key wasn't stored in id_rsa too? After all, the public key must be sent to the remote server while making a connection. Am I correct? So, I think that's why id_rsa is called "identity" instead of "private key", because it contains both keys.

• Speaking of the passphrase - I think it is used to generate a symmetric-encryption key used to encyprt/decrypt the private key. The passphrase and the symmetric key it generates, are never saved on disk. If I'm wrong, feel free to correct me ^^. — Preceding unsigned comment added by 77.113.203.114 (talk) 20:08, 4 April 2013 (UTC)

Substantial rework

Mainly I tried to improve the organization, adopting a more declarative tone, while adding quite a few contextual links. As new material I added the recent ECDSA support (with far less citation that I normally like—I relied entirely on internal citation to other Wikipedia articles).

I'm definitely a Wikipedia inclusionist. Even by my standards, I find this page less substantial in its own right than the vast majority of Wikipedia articles. On the flip side, ssh-keygen is extremely widely used and it's no easy matter to piece together the kind of concise overview from the online documentation diaspora that this article now provides. Perhaps this article attests in a small way that the criteria of "encyclopaedic" should sometimes give way to "reference worthy" on the principle that 100,000 dog ears can't be wrong. — MaxEnt 09:01, 2 February 2016 (UTC)

I thought the default ECDSA in ssh-keygen was using curve p256, and curve25519 was treated as a different key type. Either way, the maximum key length of those is below the article's stated minimum of 768 bits. This article needs some updating. Jbo5112 (talk) 19:54, 20 July 2016 (UTC)