SSH Fingerprint: Get Fingerprint of SSH RSA Key

The fingerprint is a unique sequence of letters and numbers used to identify the SSH RSA key.

It is the fingerprint of a key that is verified when you try to connect to a remote host using SSH.

In this note i will show how to generate the md5 and sha256 fingerprints of the SSH RSA key from the command line using the ssh-keygen command.

Cool Tip: Disable SSH host key checking! Read more →

Get SSH RSA Key Fingerprint

Get md5 fingerprint of the SSH RSA key:

$ ssh-keygen -E md5 -lf ~/.ssh/id_rsa
2048 MD5:82:0c:cb:cb:59:47:b6:4d:91:d9:15:dd:d3:c4:7b:36 id_rsa (RSA)

To generate the standard sha256 fingerprint from the SSH RSA key, execute:

$ ssh-keygen -lf ~/.ssh/id_rsa
2048 SHA256:0zrspFNBJWeJjMtP7Q0oGF7KfloFyKRRQfUSm0Qqi18 id_rsa (RSA)

The Same Fingerprint: The fingerprint of the private SSH RSA key and the related public one should be the same, i.e. the fingerprint of the .ssh/id_rsa should be the same as the one for the .ssh/id_rsa.pub.

Option Description
-l Show fingerprint of specified SSH RSA key file.
-f Specifies the filename of the SSH RSA key file.
-E Specifies the hash algorithm used when displaying key fingerprints. Valid options are: md5 and sha256. The default is sha256.