Does the right half of the rsa public key matter?

In a public key file "id_rsa.pub" generated by ssh-keygen, does the part after the == matter?

I ask because when I changed "[email protected]" to "root", it seems to still work.

More generally, I am curious about what the purpose of that half is.


Solution 1:

This right part of a public key (either "id_rsa.pub" or "id_dsa.pub") is just a comment and is usually filled with the < login>@< hostname> who generated the key. This in a way similar to the comment field from the SSH Public Key File Format (see RFC 4716).

So, as being purely informational and optional, you can change it to whatever you like, but keeping the < login>@< hostname> is a practical way to keep track of what is what.

For more about OpenSSH "authorized_keys" format:

  • OpenBSD sshd man page - "AUTHORIZED_KEYS"