I need to do the ssh key audit for GitHub, but I am not sure how do find my RSA key fingerprint. I originally followed a guide to do the set up on a ubuntu 10.04 box hosted by linode.
What is the command I need to enter to find my current RSA key fingerprint if I am logged remotely using Putty?
Run the following command to retrieve your SSH RSA fingerprint (
-l means "list" instead of create a new key,
-f means "filename"):
$ ssh-keygen -lf /path/to/ssh/key
So for example, on my machine the command I ran was:
$ ssh-keygen -lf ~/.ssh/id_rsa.pub
Concrete example (if you use an RSA public key):
$ ssh-keygen -lf ~/.ssh/id_rsa.pub 2048 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff /Users/username/.ssh/id_rsa.pub (RSA)
With newer versions of ssh-keygen, run
ssh-keygen -E md5 -lf <fileName> if you want the same format as old (thanks Lloyd Dewolf)
ssh-keygen -lf also works on
Find most public on a Linux/Unix/OSX system with
find /etc/ssh /home/*/.ssh /Users/*/.ssh -name '*.pub' -o -name 'authorized_keys' -o -name 'known_hosts' (If you want to see inside other users' homedirs, you'll have to be root or sudo.)
ssh-add -l is very similar but lists the fingerprints of keys added to your agent. (OSX users take note that magic passwordless ssh via Keychain is not the same as using ssh-agent.)