Tjyylli

What order were files/directories output in dir?

Random body shuffle every night—can we still function?

Did any compiler fully use 80-bit floating point?

Sally's older brother

How can a team of shapeshifters communicate?

How does light 'choose' between wave and particle behaviour?

How were pictures turned from film to a big picture in a picture frame before digital scanning?

Test print coming out spongy

NERDTreeMenu Remapping

How to write capital alpha?

Putting class ranking in CV, but against dept guidelines

Getting out of while loop on console

Why do early math courses focus on the cross sections of a cone and not on other 3D objects?

Did pre-Columbian Americans know the spherical shape of the Earth?

Caught masturbating at work

In musical terms, what properties are varied by the human voice to produce different words / syllables?

Google .dev domain strangely redirects to https

How much damage would a cupful of neutron star matter do to the Earth?

Where did this useful matrix decomposition come from for Nodal Analysis?

Did Mueller's report provide an evidentiary basis for the claim of Russian govt election interference via social media?

Is it dangerous to install hacking tools on my private linux machine?

What does the writing on Poe's helmet say?

Central Vacuuming: Is it worth it, and how does it compare to normal vacuuming?

Where is the Next Backup Size entry on iOS 12?

Does the right half of the rsa public key matter?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}

45

7

In a public key file "id_rsa.pub" generated by ssh-keygen, does the part after the == matter?

I ask because when I changed "root@somedomain.com" to "root", it seems to still work.

More generally, I am curious about what the purpose of that half is.

ssh openssh pgp public-key-encryption

share|improve this question

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

add a comment | 

45

7

In a public key file "id_rsa.pub" generated by ssh-keygen, does the part after the == matter?

I ask because when I changed "root@somedomain.com" to "root", it seems to still work.

More generally, I am curious about what the purpose of that half is.

ssh openssh pgp public-key-encryption

share|improve this question

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

add a comment | 

In a public key file "id_rsa.pub" generated by ssh-keygen, does the part after the == matter?

I ask because when I changed "root@somedomain.com" to "root", it seems to still work.

More generally, I am curious about what the purpose of that half is.

ssh openssh pgp public-key-encryption

share|improve this question

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

share|improve this question

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

share|improve this question

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

asked Dec 9 '12 at 8:48

merlin2011merlin2011

71431023

1 Answer
1

active

oldest

votes

46

This right part of a public key (either "id_rsa.pub" or "id_dsa.pub") is just a comment and is usually filled with the < login>@< hostname> who generated the key.
This in a way similar to the comment field from the SSH Public Key File Format (see RFC 4716).

So, as being purely informational and optional, you can change it to whatever you like, but keeping the < login>@< hostname> is a practical way to keep track of what is what.

For more about OpenSSH "authorized_keys" format:

• OpenBSD sshd man page - "AUTHORIZED_KEYS"

share|improve this answer

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Is there an RFC or similar document for this format as well? I've seen other funny things in these authorized_keys files as well, such as actual commands.
  
  – merlin2011
  Dec 9 '12 at 9:53
  
  
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  This format seems openssh specific... but one of the most widely used. You can find some info about it in the openssh sshd manpage, in the "AUTHORIZED_KEYS FILE FORMAT" section.
  
  – Ouki
  Dec 9 '12 at 10:02
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The openssh sshd manpage is now at http://www.freebsd.org/cgi/man.cgi?sshd(8)
  
  – Chirael
  Jul 1 '16 at 17:11
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  OpenSSH reference should be OpenBSD, not FreeBSD. Here is the right man page: openssh sshd manpage
  
  – Ouki
  Jul 1 '16 at 19:49
  
  
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f516912%2fdoes-the-right-half-of-the-rsa-public-key-matter%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

46

This right part of a public key (either "id_rsa.pub" or "id_dsa.pub") is just a comment and is usually filled with the < login>@< hostname> who generated the key.
This in a way similar to the comment field from the SSH Public Key File Format (see RFC 4716).

So, as being purely informational and optional, you can change it to whatever you like, but keeping the < login>@< hostname> is a practical way to keep track of what is what.

For more about OpenSSH "authorized_keys" format:

• OpenBSD sshd man page - "AUTHORIZED_KEYS"

share|improve this answer

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Is there an RFC or similar document for this format as well? I've seen other funny things in these authorized_keys files as well, such as actual commands.
  
  – merlin2011
  Dec 9 '12 at 9:53
  
  
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  This format seems openssh specific... but one of the most widely used. You can find some info about it in the openssh sshd manpage, in the "AUTHORIZED_KEYS FILE FORMAT" section.
  
  – Ouki
  Dec 9 '12 at 10:02
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The openssh sshd manpage is now at http://www.freebsd.org/cgi/man.cgi?sshd(8)
  
  – Chirael
  Jul 1 '16 at 17:11
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  OpenSSH reference should be OpenBSD, not FreeBSD. Here is the right man page: openssh sshd manpage
  
  – Ouki
  Jul 1 '16 at 19:49
  
  
  

  
  
  
  

add a comment | 

46

This right part of a public key (either "id_rsa.pub" or "id_dsa.pub") is just a comment and is usually filled with the < login>@< hostname> who generated the key.
This in a way similar to the comment field from the SSH Public Key File Format (see RFC 4716).

So, as being purely informational and optional, you can change it to whatever you like, but keeping the < login>@< hostname> is a practical way to keep track of what is what.

For more about OpenSSH "authorized_keys" format:

• OpenBSD sshd man page - "AUTHORIZED_KEYS"

share|improve this answer

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Is there an RFC or similar document for this format as well? I've seen other funny things in these authorized_keys files as well, such as actual commands.
  
  – merlin2011
  Dec 9 '12 at 9:53
  
  
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  This format seems openssh specific... but one of the most widely used. You can find some info about it in the openssh sshd manpage, in the "AUTHORIZED_KEYS FILE FORMAT" section.
  
  – Ouki
  Dec 9 '12 at 10:02
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The openssh sshd manpage is now at http://www.freebsd.org/cgi/man.cgi?sshd(8)
  
  – Chirael
  Jul 1 '16 at 17:11
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  OpenSSH reference should be OpenBSD, not FreeBSD. Here is the right man page: openssh sshd manpage
  
  – Ouki
  Jul 1 '16 at 19:49
  
  
  

  
  
  
  

add a comment | 

This right part of a public key (either "id_rsa.pub" or "id_dsa.pub") is just a comment and is usually filled with the < login>@< hostname> who generated the key.
This in a way similar to the comment field from the SSH Public Key File Format (see RFC 4716).

So, as being purely informational and optional, you can change it to whatever you like, but keeping the < login>@< hostname> is a practical way to keep track of what is what.

For more about OpenSSH "authorized_keys" format:

• OpenBSD sshd man page - "AUTHORIZED_KEYS"

share|improve this answer

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

share|improve this answer

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

edited 5 hours ago

maxwellb

915410

edited 5 hours ago

maxwellb

915410

answered Dec 9 '12 at 9:47

OukiOuki

97711111

answered Dec 9 '12 at 9:47

OukiOuki

97711111