LinuxQuestions.org - keygen question

Page 1 of 2

Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - keygen question (https://www.linuxquestions.org/questions/linux-newbie-8/keygen-question-4175559248/)

RobInRockCity

11-18-2015 08:01 PM

keygen question

Will this command create a key-pair that is sufficiently secure...

Code:

ssh-keygen -t rsa -b 2048

Thanks,

Rob

Habitual

11-18-2015 08:05 PM

Rob:
It's what I've been using lately, a la:

Code:

ssh-keygen -f $HOME/.ssh/my_ssh_key -t rsa -b 2048 -N '' -q

No questions key generation.

berndbausch

11-18-2015 08:07 PM

Quote:

Originally Posted by RobInRockCity (Post 5451791)

Will this command create a key-pair that is sufficiently secure...

Code:

ssh-keygen -t rsa -b 2048

This depends on the computing power the cracker has. But I'd say 2048 bits is OK.

RobInRockCity

11-18-2015 08:09 PM

Quote:

Originally Posted by Habitual (Post 5451796)

Rob:
It's what I've been using lately, a la:

Code:

ssh-keygen -f $HOME/.ssh/my_ssh_key -t rsa -b 2048 -N '' -q

No questions key generation.

Care to explain what these do...

Code:

-f $HOME/.ssh/my_ssh_key 



-N '' -q

RobInRockCity

11-18-2015 08:10 PM

Quote:

Originally Posted by berndbausch (Post 5451797)

This depends on the computing power the cracker has. But I'd say 2048 bits is OK.

I am trying to create a key pair so I can use CyberDuck to log into my VPS keylessly.

Thanks,

Rob

sgosnell

11-18-2015 08:10 PM

If a nation-state has enough interest in you to devote several super-computers full-time, for a considerable time, to cracking your key, then you might consider increasing the key size. But for normal people, 2048 is sufficient.

RobInRockCity

11-18-2015 08:15 PM

Quote:

Originally Posted by sgosnell (Post 5451801)

Kim Jong-un and I have made up, so I think I'm good in that area. ;)

Habitual

11-18-2015 08:20 PM

Quote:

Originally Posted by RobInRockCity (Post 5451799)

Care to explain what these do...

Code:

-f $HOME/.ssh/my_ssh_key 



-N '' -q

Code:

man ssh-keygen

shows

Code:

-N new_passphrase

            Provides the new passphrase.

...

-q      Silence ssh-keygen

RobInRockCity

11-18-2015 08:24 PM

Quote:

Originally Posted by Habitual (Post 5451808)

Code:

man ssh-key

shows

Code:

-N new_passphrase

            Provides the new passphrase.

...

-q      Silence ssh-keygen

When I typed man ssh-key in my MacBook I got...

Quote:

No manual entry for ssh-key

If you don't put -N then it won't prompt for a passphrase?

And what does "silence" mean?

Habitual

11-18-2015 08:45 PM

Code:

man ssh-keygen

Sorry.

berndbausch

11-19-2015 03:22 AM

Quote:

Originally Posted by RobInRockCity (Post 5451805)

Kim Jong-un and I have made up, so I think I'm good in that area. ;)

And Barack?

RobInRockCity

11-19-2015 11:48 PM

Is the following tutorial correct from a technical standpoint? (It certainly reads well.)

Make a passwordless SSH Connection between OS-X and Linux Server

As a *nix newbie, I can't comment on the correctness of all the *nix commands, other than the choice of the # of bits is too low.

Thanks,

Rob

Habitual

11-20-2015 06:52 AM

but the tutorial is showing how to make a 1024 key.

RobInRockCity

11-20-2015 10:07 AM

Quote:

Originally Posted by Habitual (Post 5452615)

but the tutorial is showing how to make a 1024 key.

Right, but I think the rest of the steps in the tutorial look okay. But since I'm not a *nix expert, I don't know.

So...

Habitual

11-20-2015 10:36 AM

Quote:

Originally Posted by RobInRockCity (Post 5452712)

Right, but I think the rest of the steps in the tutorial look okay. But since I'm not a *nix expert, I don't know.

So...

That's a sad and sorry excuse.
Be responsible. redo the screenshot and update the textual instructions for 2048.

All times are GMT -5. The time now is 04:10 PM.

Page 1 of 2

Show 50 post(s) from this thread on one page