How can I change the comment field of an RSA key (SSH)?
I came across this question in my own search for changing the comment in the ssh key in my new ubuntu installation.
I then did a search in man pages (man ssh-keygen
) and the answer was right there-
ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
-c Requests changing the comment in the private and public key files.
This operation is only supported for RSA1 keys and keys stored in the
newer OpenSSH format. The program will prompt for the file containing
the private keys, for the passphrase if the key has one, and for the
new comment.
So, for me, all I had to do was
ssh-keygen -c -C "my new comment" -f ~/.ssh/my_ssh_key
On a side note: ssh-keygen
can be used to change the password used to protect the key file, including removing the password.
I've just created a RSA key with ssh-keygen -t rsa -b 4096
, no pass, no comment (so standard comment). I've uploaded it to GitHub and then changed it's comment. No re-upload was necessary, key worked before and after change and stopped working upon deletion from GitHub (though if it was cached and worked only due to that, I haven't tested).
Session log:
lafk-T470% ssh-keygen -c -f ~/.ssh/id_rsa -C "a new comment"
Comments are only supported for keys stored in the new format (-o).
lafk-T470% ssh-keygen -c -f ~/.ssh/id_rsa -C "a new comment" -o
Key now has no comment
The comment in your key file has been changed.
lafk-T470% vim ~/.ssh/id_rsa.pub
lafk-T470% tail -1 ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocnoRyM7Oy5XA0dLIaiHHQiPnimJvXifliTZI7OX5lqkACsZmUL/D7kUV2uPDyyPZ6lm0UGUHXhOw2QjStQ6ubPRFOKWQyNDkemaQAJtHPYTkT4pGHbsddyko3SRG0Vp4A9CSLRLJXVGuGn1UpfjB/AD0aUcLWVJdgWDuovR09t1YsHbakDpDh4a/2JS52Cvg6x9kEGakZK7ffUQZ64yZvqisEH//e7SbYtpHIp4ZdBMSIIsFIBWvqMXZowahvSMbV7MeLFuwt90dMOFiGJIe0n8oPt/ilQ0FTRcEP7UODyLKbESHkZqoGAHKeQ4ZMCCv7T00KtB98HvWylqvzHg2rIpLMHkVcRGjwlaZUlZB5Zxk6dAJ5HHg1irF+05UeIbQ9YQF/0x63KWQvreEcmLrkbnZ++XeF2ipE7M7CfkYhpJ9XbKZBG4pOQIqLio2rBV9c3+y+sPq4BABXdJKAnIX+h3kFrvOVA7Gy9/YxgQfCJ0ZSmaAV08uqMm91GYGRU9lt2Uf/ALqhW0rH93UWUj232w35rY8GtXucWAjtw3zi6QtZsIAStRzT3Br+Qrqv4MrKvEk+4rzswytaYjCGLrsMDYL7hI/YEJh9vv/v3wGvJGAqLDk1FeBL8tdwEMr1eM9JKl5gVkmBa4MdJkNMe4rHwUIidrW8LW2EEBY3DmDTQ== a new comment
lafk-T470% git clone [email protected]:GH_User/a-repository.git
Cloning into 'a-repository'...
remote: Counting objects: 8, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 8 (delta 0), reused 8 (delta 0), pack-reused 0
Receiving objects: 100% (8/8), done.
So, this works for keys stored in NEW FORMAT. Steps detailed here, in my ServerFault answer.
All operations were done on Xubuntu 18.04 default OpenSSH ssh-keygen.
Private key will change in this manner. Not due to it's comment, but rather due to change in it's format. See the comparison here on a key created just for that comparison.
Note that for pub-key I've effectively broken it so Meld shows better what changed: spaces have been changed with line breaks (this breaks the format).
I just did a small test modifying the "Comment:" line of my private RSA key and it appears to be fixed at creation of the key.
It is a RSA key generated with Putty, and after modifying the comment in the key, the passwd did not work, i have to reverse the edit to the same original comment for it to work again.