Cheat Sheet logoCheat Sheet Today
OpenSSH Server Admin Cheat Sheet/Generate a user CA key

Create a key pair for signing user certificates.

Back to sheetBrowse commands
Sign in to save
Section: Server Keys and Certificates

Generate a user CA key

bash
bash
ssh-keygen -t ed25519 -f ~/.ssh/ca_user -C 'user CA'
Explanation

Create a key pair for signing user certificates.

View in sheet →

Learn the surrounding workflow

Compare similar commands or jump into common fixes when this command is part of a bigger troubleshooting path.

Compare commandsView fixes

Related commands

Same sheet · prioritizing Server Keys and Certificates
Sign a user public key
Create a short-lived user certificate from a CA.
OpenIn sheetbashsame section
Trust a user CA in sshd_config
Allow user certificates signed by a trusted CA.
OpenIn sheetsshdconfigsame section
Trust a host CA in known_hosts
Trust host certificates signed by a CA.
OpenIn sheettextsame section
Generate a host Ed25519 key
Create an Ed25519 host key for sshd.
OpenIn sheetbashsame section
Test sshd configuration
Validate sshd_config syntax before restart.
OpenIn sheetbash1 tag match
Disable password authentication
Require key-based authentication on the server.
OpenIn sheetsshdconfig1 tag match