Automating "enter" keypresses for bash script generating ssh keys

Question

I would like to create script, which simply runs ssh-keygen -t rsa. But how to pass to it 3 times enter?

Rudu · Accepted Answer · 2010-09-08T13:23:37.010

234

Try:

ssh-keygen -t rsa -N "" -f my.key

-N "" tells it to use an empty passphrase (the same as two of the enters in an interactive script)

-f my.key tells it to store the key into my.key (change as you see fit).

The whole thing runs without you needing to supply any enter keys :)

To send enters to an interactive script:

echo -e "\n\n\n" | ssh-keygen -t rsa

edited Sep 08 '10 at 13:23

answered Sep 07 '10 at 14:42

Rudu

15,682
4
47
63

4

It is correct anwser, but i still would like to know how to press enter more then one time - in another script. – Sławosz Sep 07 '10 at 14:45
3

Sure thing - updated the answer to include how to send newlines to a script. – Rudu Sep 07 '10 at 14:47
2

echo -e "\n\n\n" | sshkeygen -t rsa is not working for me, can you try it yourself? It pass only first enter. But on other, simple script it works. – Sławosz Sep 08 '10 at 10:00
1

I tested it before I posted it - it works fine, although it looks like the dash from `ssh-keygen` got dropped - did you add that back in? {edited} Also - you can't run the script more than once - it changes the questions to confirm you want to overwrite the existing `_rsa` keyfile (so a y or n needs to be supplied) – Rudu Sep 08 '10 at 13:23
13

I'd recommend using `yes ""` instead of `echo -e "\n\n\n"` (`yes` outputs whatever argument is given [or "y" by default] in infinity – perfect for these situations where one just want to provide a "yes" answer to whatever a program might prompt for). `yes` is shorter, and should `ssh-keygen` ever add a question, that will automatically be answered in too. :) – zrajm Apr 24 '15 at 11:08
@zrajm how would that be used? `yes "" | ssh-keygen...` ? because it doesn't seem to work – eis Mar 23 '16 at 14:33
'yes "y"|...` didn't work. Only sent it to the first prompt. – Mannix Jul 23 '18 at 17:52
I've tested all the above. None work. This works: `echo -e "\n"|ssh-keygen -t rsa -N ""` – Mannix Jul 23 '18 at 17:56
1

`echo -e` isn't *guaranteed* to work at all -- even in bash, it will just echo `-e` as literal output when both `xpg_echo` and `posix` flags are enabled; non-bash shells may treat it that way out-of-the-box. `printf '\n'` is much more reliable. See the APPLICATION USAGE section of [the POSIX `echo` spec](http://pubs.opengroup.org/onlinepubs/9699919799/utilities/echo.html). – Charles Duffy Jul 23 '18 at 18:04
I made slight modification so I could use this for GitHub - `echo -e "\n\n\n" | ssh-keygen -t rsa -b 4096 -C "myemail@someaccount.com"`. Worked great. Thanks @Rudu – AnnawanDev Jan 03 '19 at 21:15
For Windows use `-N '""'` https://stackoverflow.com/questions/10767488/automate-ssh-keygen-t-rsa-so-it-does-not-ask-for-a-passphrase/14946700 – JohnLBevan Aug 11 '20 at 16:33

Michel Marro · Answer 2 · 2015-05-28T15:36:19.383

22

a version with passphrase is:

$ ssh-keygen -t rsa -b 4096 -C "comment" -P "examplePassphrase" -f "desired pathAndName" -q

the -q is for silent

Source is http://linux.die.net/man/1/ssh-keygen

edited May 28 '15 at 15:36

answered May 28 '15 at 14:42

Michel Marro

347
2
6

4

Use -P for an existing passphrase, use -N for a new one – brianlmerritt Jun 30 '16 at 09:06
what is q for? what is the use of silent – stats con chris Jul 29 '23 at 01:24

score 3 · Answer 3 · answered Oct 26 '18 at 09:59

Agree with Michel Marro except that it needs some more: If the file already exists, it will still be interactive asking if it has to overwrite it.

Use the answer of this question.

yes y | ssh-keygen -q -t rsa -N '' >/dev/null

The redirection to null is necessary to silence the overwrite message.

score 2 · Answer 4 · answered Feb 02 '20 at 07:10

It is recommended to use ed25519 for security and performance.

yes "y" | ssh-keygen -o -a 100 -t ed25519 -C "Bla Bla" -f /mypath/bla -N ""

here

-o OpenSSH key format instead of older PEM (needs OpenSSH 6.5+)

-a Number of primality test while screening DH-GEX candidates

-t Type of key (ed25519, RSA, DSA etc.)

-f /mypath/bla The output file path and name

-N "" Use empty passphase

and yes "y" for no interaction.

It will generate two files

/mypath/bla
/mypath/bla.pub

where the bla file is private and bla.pub is public.

score 1 · Answer 5 · answered Jul 23 '18 at 17:57

1

echo -e "\n"|ssh-keygen -t rsa -N ""

answered Jul 23 '18 at 17:57

Mannix

411
10
23

Eh? This actually has *fewer* newlines than one of the answers you claim don't work (and that's on the subset of platforms where `echo -e` emits something other than `-e` at all, which is not everywhere `ssh-keygen` is available). – Charles Duffy Jul 23 '18 at 18:07
...to be clear, I make production use of `ssh-keygen -N ''` as part of an automated install procedure, and it doesn't read stdin at all, so there's no need for the `echo` (*any* `echo` variant) piped into it. (Granted, I believe stdin is connected to `/dev/null` in my production use case; there could well be different behavior when it's attached to a TTY, but the better answer is ` – Charles Duffy Jul 23 '18 at 18:10
2

It prompts me for a filename: `$ ssh-keygen -t rsa -N '' Generating public/private rsa key pair. Enter file in which to save the key (/home/dlyons/.ssh/id_rsa):` – Mannix Jul 24 '18 at 22:36

Automating "enter" keypresses for bash script generating ssh keys

5 Answers5

Linked