The fingerprint is a unique sequence of letters and numbers used to identify the SSH RSA key.
It is the fingerprint of a key that is verified when you try to connect to a remote host using SSH.
In this note i will show how to generate the md5
and sha256
fingerprints of the SSH RSA key from the command line using the ssh-keygen
command.
Get SSH RSA Key Fingerprint
Get md5
fingerprint of the SSH RSA key:
$ ssh-keygen -E md5 -lf ~/.ssh/id_rsa 2048 MD5:82:0c:cb:cb:59:47:b6:4d:91:d9:15:dd:d3:c4:7b:36 id_rsa (RSA)
To generate the standard sha256
fingerprint from the SSH RSA key, execute:
$ ssh-keygen -lf ~/.ssh/id_rsa 2048 SHA256:0zrspFNBJWeJjMtP7Q0oGF7KfloFyKRRQfUSm0Qqi18 id_rsa (RSA)
The Same Fingerprint: The fingerprint of the private SSH RSA key and the related public one should be the same, i.e. the fingerprint of the .ssh/id_rsa
should be the same as the one for the .ssh/id_rsa.pub
.
Option | Description |
---|---|
-l |
Show fingerprint of specified SSH RSA key file. |
-f |
Specifies the filename of the SSH RSA key file. |
-E |
Specifies the hash algorithm used when displaying key fingerprints. Valid options are: md5 and sha256 . The default is sha256 . |