SSH Keys and Agent Cheat Sheet

SSH key generation, authorized_keys management, ssh-keyscan, host keys, ssh-agent, ssh-add, and certificate basics.

## Key Generation
Generate an Ed25519 key
ssh-keygen -t ed25519 -C 'you@example.com'

# Create a modern Ed25519 key pair; -C sets the comment stored with the public key.

Generate an RSA key
ssh-keygen -t rsa -b 4096 -C 'you@example.com'

# Create an RSA key pair for compatibility when needed.

Generate a key at a custom path
ssh-keygen -t ed25519 -f ~/.ssh/id_work_ed25519 -C 'work key'

# Write a key pair to a chosen file.

Generate a key without passphrase
ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ci_ed25519

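# Create a key with an empty passphrase (-N ''), which skips passphrase prompts. The private key is stored unencrypted on disk, so this is usually only for automation accounts.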

Change key passphrase
ssh-keygen -p -f ~/.ssh/id_ed25519

# Update the passphrase on an existing private key.

Show a key fingerprint
ssh-keygen -lf ~/.ssh/id_ed25519.pub

# Print the fingerprint of a public key file.

Show randomart for a key
ssh-keygen -lvf ~/.ssh/id_ed25519.pub

# Display a visual fingerprint representation.

Extract public key from private key
ssh-keygen -y -f ~/.ssh/id_ed25519 > ~/.ssh/id_ed25519.pub

# Regenerate the public half from a private key.

## Authorized Keys and Host Keys
Install your public key on a server
ssh-copy-id -i ~/.ssh/id_ed25519.pub user@example.com

# Append your public key to a remote account's authorized_keys.

Install key on custom port
ssh-copy-id -i ~/.ssh/id_ed25519.pub -p 2222 user@example.com

# Use ssh-copy-id with a non-default SSH port.

Scan a host key
ssh-keyscan example.com

# Fetch a server's host keys without logging in. The result is unauthenticated until its fingerprint is checked against a trusted source.

Add a host key to known_hosts
ssh-keyscan -H example.com >> ~/.ssh/known_hosts

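# Append a scanned host key to your known_hosts file; -H hashes the hostname in the output. This trusts whatever key the network returned, so verify the key first.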

Find a host in known_hosts
ssh-keygen -F example.com

# Search known_hosts for a specific host entry.

Remove a host from known_hosts
ssh-keygen -R example.com

# Delete stale host key entries for a host.

Hash known_hosts file
ssh-keygen -H -f ~/.ssh/known_hosts

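# Hash hostnames in known_hosts for privacy. The original file is kept as known_hosts.old with the hostnames in clear text; delete it once the hashed file is confirmed to work.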

Sign a host key with a CA
ssh-keygen -s ~/.ssh/ca_host -I host-web01 -h -n web01.example.com /etc/ssh/ssh_host_ed25519_key.pub

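# Create a host certificate (-h) from a host CA key (-s), with key ID host-web01 (-I) and principal web01.example.com (-n). The certificate is written next to the public key as ssh_host_ed25519_key-cert.pub.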
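
The "Scan a host key" and "Add a host key to known_hosts" entries above accept whatever key the network returns. As an added example (not part of the original sheet), the script below appends scanned keys to known_hosts only when they match a trusted copy of the host's public keys. The function names `filter_pinned` and `add_verified_host`, the file names and the key blobs are assumptions constructed for illustration.

```shell
# Added example: check ssh-keyscan output against trusted copies of the
# host's public keys before anything is appended to known_hosts.
# Function names, file names and key blobs are constructed for illustration.

# filter_pinned SCAN_FILE PIN_FILE
#   SCAN_FILE  saved ssh-keyscan output, "host keytype base64" per line
#   PIN_FILE   trusted "keytype base64 [comment]" lines, e.g. the contents
#              of /etc/ssh/ssh_host_*_key.pub read over a console session
# Prints scanned lines that match a pin. Fails if a scanned key has a pinned
# type but a different blob, or if nothing matched at all.
filter_pinned() {
    awk '
        FILENAME == ARGV[1] {                # first file: the pins
            if ($0 !~ /^#/ && NF >= 2) pin[$1] = $2
            next
        }
        /^#/ || NF < 3 { next }              # keyscan banner lines, blanks
        !($2 in pin)   { print "SKIP unpinned type " $2 > "/dev/stderr"; next }
        pin[$2] == $3  { print; ok++; next }
        { print "MISMATCH " $1 " " $2 > "/dev/stderr"; bad++ }
        END { exit (bad > 0 || ok == 0) }
    ' "$2" "$1"
}

# add_verified_host SCAN_FILE PIN_FILE KNOWN_HOSTS
# Appends to KNOWN_HOSTS only when the whole scan passes filter_pinned.
add_verified_host() {
    tmp=$(mktemp) || return 2
    filter_pinned "$1" "$2" > "$tmp" && cat "$tmp" >> "$3"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Constructed sample data (placeholder blobs, not real keys).
demo=$(mktemp -d)
cat > "$demo/pins" <<'EOF'
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedBlobNotARealHostKey000000 web01
EOF
cat > "$demo/scan_good" <<'EOF'
# example.com:22 SSH-2.0-OpenSSH_9.6
example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedBlobNotARealHostKey000000
example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABExampleConstructedRsaBlob
EOF
cat > "$demo/scan_bad" <<'EOF'
example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDifferentBlobSeenOnTheNetwork000000000000
EOF
add_verified_host "$demo/scan_good" "$demo/pins" "$demo/known_hosts" && echo "good scan: added"
add_verified_host "$demo/scan_bad" "$demo/pins" "$demo/known_hosts" || echo "bad scan: refused"
```

Against a live host, save the scan with `ssh-keyscan example.com > scan` and pass that file as the first argument.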

## ssh-agent and ssh-add
Start ssh-agent in current shell
eval "$(ssh-agent -s)"

# Start an agent and export its environment variables.

Add default key to agent
ssh-add ~/.ssh/id_ed25519

# Load the default identity into ssh-agent.

List loaded keys
ssh-add -l

# Show fingerprints of identities currently loaded in the agent.

List public keys in agent
ssh-add -L

# Print public keys currently loaded in the agent.

Remove one key from agent
ssh-add -d ~/.ssh/id_ed25519

# Delete a specific key from the agent.

Remove all keys from agent
ssh-add -D

# Clear all identities from the agent.

Require confirmation before using a key
ssh-add -c ~/.ssh/id_ed25519

# Load a key that requires confirmation for each use. The prompt comes from an askpass program such as ssh-askpass, so one must be available to the agent.

Set agent key lifetime
ssh-add -t 1h ~/.ssh/id_ed25519

# Load a key that the agent removes automatically once the lifetime (here one hour) has passed.
