There will be times when you need to actually view your SSH certificates on Linux. Why? Say, for example, you need to add a certificate for authentication on GitHub (or any other online service that requires SSH authentication). You know you’ve created those SSH certificates, but how do you view them?
SEE: Explore this identity theft protection policy from TechRepublic Premium.
For those who are familiar with SSH, you probably already know the answer to that question. After all, this is pretty basic SSH stuff. For those who are new to the ways of SSH (or Linux, macOS or Windows for that matter), the task might stump you.
Never fear, that’s why I’m here.
I want to show you just how easy it is to view those SSH keys, so you can use them for third-party services.
Featured Partners: Remote Monitoring and Management Software
What you’ll need
The only thing you’ll need for this is access to a server or desktop (Linux, macOS or Windows) and an SSH key created. If you’ve not already created your SSH key pair, you can do so with the command:
ssh-keygen
That command will generate a key pair, both public and private keys. The public key is that which you send to servers for SSH key authentication. When you attempt to log in to that server, SSH will compare the public and private keys. If those keys are a match, you’ll be allowed access. Simple enough. You’re ready to move on.
How to view your SSH public key on Linux
There are two easy ways to view your SSH public key in Linux: using the cat command or using both the ssh-agent and ssh-add commands, which is a bit more complicated. The second method is probably overkill for what you need, but it’s a good way to view the key while requiring your SSH keypair password.
Using the ssh-agent command
- Run the command:
ssh-agent sh -c 'ssh-add; ssh-add -L'
- Upon successful authentication, your SSH public key will print out in the terminal.
- You can then copy that and paste it where you need it.
If you don’t want to have to memorize yet another command, you could simply use the cat command.
Using the cat command
- Run the command:
cat ~/.ssh/id_rsa.pub
- The command will print out your SSH key on your Linux machine without prompting you for your key authentication password.
How to view your SSH public key on macOS
Viewing your keys on macOS can be done in a similar fashion as on Linux.
To view the SSH public key on macOS
- Open your terminal window, and run the command
cat ~/.ssh/id_rsa.pub
or
cat /Users/USERNAME/.ssh/id_rsa.pub
Where USERNAME is your macOS username.
- The above commands will print out your SSH public key.
macOS also has one more nifty trick up its sleeve. You can copy the contents of the SSH key directly to the clipboard, without displaying the key, using the pbcopy tool.
To copy the SSH public key on Mac
- Run the command:
cat ~/.ssh/id_rsa.pub | pbcopy
- Once you’ve copied the key to your clipboard, you can paste it wherever you need it.
How to view your SSH public key on Windows
If you have not generated an SSH Key yet, you can generate one now.
To generate an SSH public key on Windows
- Run the command:
ssh-keygen
- You’ll be asked where to save the key.
- If you use the defaults, it will save your keys in C:\User[YourUserName].sshid.
- You will then be prompted to enter a passphrase. You can hit Enter for an empty/no passphrase.
- It will then ask you to confirm the passphrase.
- Your key will be generated.
To view your SSH public key on Windows
- Run the command:
type ~\.ssh\id_rsa.pub
Where USERNAME is the name of your user.
- The command will display your SSH public key.
- Now, use the Ctrl+C keyboard shortcut to copy the contents of the file.
You can also do something similar to what we did on macOS (copying the SSH public key directly to the clipboard).
To copy the SSH public key on Windows
- Issue the command:
type ~\.ssh\id_rsa.pub | clip
Where USERNAME is your username.
- Now, paste that key on a word processor or wherever you need it.
How to view your private key
Chances are, you’re never going to have to view your private key. After all, that’s the secret in the sauce that’s never on display for anyone to see. But on the off chance you do need to view that key, you can follow the same steps as above, but remove the .pub from the file name in any instance.
Remember, id_rsa is the private key, and id_rsa.pub is the public key. And that’s all there is to viewing your SSH public and private keys on Linux, macOS, and Windows.
Be sure to treat these keys with the care and security they deserve. Although your public key will be handed out to other users and services, that private key needs to be tucked away and never shown to the public.
If you do accidentally release that private key, you’ll need to:
- Remove the public key from the authorized_keys file on every server that uses the key pair.
- Delete the public and private keys on the host.
- Generate a new key pair.
- Send the new key pair to the servers you need to log in to with SSH key authentication.
If you leave any trace of that compromised key pair on any server or desktop, you run the risk of allowing someone access.