2

I used ssh-keygen -t rsa to generate a pair of keys. The public key is stored in the file "id_rsa.pub", which contains "ssh-rsa AAA...idJ [email protected]".

Then I used ssh-keygen -y (mentioned in how can I check my rsa passphrase?) to get the SSH public key. However, the public key obtained using this method contains "ssh-rsa AAA...idJ" only. (i.e. it does not have the last part " [email protected]")

I would like to ask why is there a difference in the public key generated via these two methods.

Improve this question

1 Answer 1

Reset to default
2

There is no difference in the key itself. The last part is a "comment" field.

If you're using the traditional-format id_rsa key file (the one that starts with "RSA PRIVATE KEY"), it simply did not have any standard place to store the comment, so ssh-keygen has nowhere to get it from. (It's a generic key format that OpenSSH adopted because its crypto library already had it.)

The "new" OpenSSH private key format (the one which says "OPENSSH PRIVATE KEY") does have a comment field and ssh-keygen can extract it just fine. If you want to convert your private key, you can use ssh-keygen -p on new OpenSSH versions; ssh-keygen -o -p on slightly older ones, followed by actually setting a new comment using ssh-keygen -c.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.