I want to generate an ssh key-pair but i came across with two different ways of doing that.One is using openssl and the other is ssh-keygen.
Is there any difference as to the outcome/the final key of those two methods?
Asked
Active
Viewed 1.4k times
12
-
3Check [this Q/A](https://security.stackexchange.com/questions/29876/what-are-the-differences-between-ssh-generated-keysssh-keygen-and-openssl-keys) in [security.se] – dawud Jun 02 '16 at 08:45
-
2Indeed there is some difference - try `openssl genrsa -out mykey.pem 1024` and `ssh-keygen -t rsa -P '' -f key -b 1024` - even file size will be different. But also Terraform (https://www.terraform.io/docs/providers/tls/d/public_key.html) can't work with the one created by `ssh-keygen`. I wish someone explained why. – Ivan Mar 16 '19 at 19:35
1 Answers
13
ssh-keygen, the OpenSSH command used to generate keys, uses the OpenSSL library, so there's really no difference between the two methods.
You can safely use ssh-keygen which is the default and more immediate tool to create a key pair for SSH pubkey authentication.
dr_
- 1,085
- 12
- 19
-
OpenSSH can be built without OpenSSL since 2014. See [this Answer](https://security.stackexchange.com/a/74343/21184). – Basil Bourque Jul 12 '19 at 22:03