How To: Find SSH key using Fingerprint

unix-tutorial-grey

I’ve recently had a weird SSH keys problem, and took a note to tidy up SSH keys accumulated over years. ssh-agent will show all the identities, but only listing SSH fingerprints instead of filenames. I had to find a way of progressing this further.

Use ssh-add to show active SSH identities

ssh-add -l command will show you all the keys currently used:

greys@xps:~/.ssh $ ssh-add -l
4096 SHA256:oae3VVEjNhyt30cA2tTbWYE68kdY0IpCq2tc2rh+/XE greys@xps (RSA)
2048 SHA256:P8krGGt8U4l0a4hNgGW6+mYxqYvPqIDe88izXd+LNM4 (RSA)
4096 SHA256:AIWB70fjJrtk1IRwn04D400Lr1C54iZxpSozYJJqMtA greys-wsl (RSA)
256 SHA256:itlxa2PY3uI975LfXnCo4iEwL8YGsgriQPEqwd5yaDU greys@xps (ED25519)
2048 SHA256:SzteP63exx+Yqu+x9e+9tbPhE3G2iIRoDWRMY8i/Zx0 gleb@reys.net (RSA)
2048 SHA256:0MakqfX8dKHZ+5iMIzFH0YEqnljMWTQiK9wHeD2JYb8 (RSA)

List a fingerprint for SSH key

If you have an SSH keypair, you can use the ssh-keygen command to confirm a fingerprint using public key like this:

greys@xps:~/.ssh $ ssh-keygen -lf /home/greys/.ssh/ts2_aws.pub
2048 SHA256:0MakqfX8dKHZ+5iMIzFH0YEqnljMWTQiK9wHeD2JYb8 no comment (RSA)

Which means the task of finding a key with matching fingerprint just means inspecting all the public keys in your user’s .ssh directory.

See Also