The ssh-keygen utility generates, manages, and converts authentication keys for ssh. When using ssh-keygen to create a key, the -t option must be specified to identify the type of key to create.
The ssh-keygen utility generates an SSH key pair for authentication with the server. This utility is bundled with OpenSSH and, by default, it creates a 2048-bit RSA key pair. It supports RSA and DSA keys of different lengths. A key length of 4096 bits is recommended for establishing a secure connection between two machines.
You might encounter the following error when generating an SSH key on your client:
-bash: ssh-keygen: command not found
ssh-keygen comes bundled with the OpenSSH package. If it is not installed on your system, install it with the command for your operating system from the table below.
Distribution | Command |
---|---|
OS X | brew install openssh |
Debian | apt-get install openssh-client |
Ubuntu | apt-get install openssh-client |
Alpine | apk add openssh |
Arch Linux | pacman -S openssh |
Kali Linux | apt-get install openssh-client |
CentOS | yum install openssh |
Fedora | dnf install openssh |
Raspbian | apt-get install openssh-client |
Docker | docker run cmd.cat/ssh-keygen ssh-keygen |
ssh-keygen Command Examples
1. Generate a key interactively:
$ ssh-keygen
2. Specify file in which to save the key:
$ ssh-keygen -f {{~/.ssh/filename}}
3. Generate an ed25519 key with 100 key derivation function rounds:
$ ssh-keygen -t {{ed25519}} -a {{100}}
4. Generate an RSA 4096-bit key with email as a comment:
$ ssh-keygen -t {{rsa}} -b {{4096}} -C "{{comment|email}}"
5. Remove the keys of a host from the known_hosts file (useful when a known host has a new key):
$ ssh-keygen -R {{remote_host}}
6. Retrieve the fingerprint of a key in MD5 Hex:
$ ssh-keygen -l -E {{md5}} -f {{~/.ssh/filename}}
7. Change the password of a key:
$ ssh-keygen -p -f {{~/.ssh/filename}}
8. Change the format of the private key file (for example from OpenSSH format to PEM). The file is rewritten in place, and -N "" sets an empty new passphrase:
$ ssh-keygen -p -N "" -m {{PEM}} -f {{~/.ssh/OpenSSH_private_key}}