2

In Windows PowerShell, with ssh-keygen, how to create an SSH key pair with a private key that has no passphrase (password), without having to confirm twice the empty passphrase, and without having to confirm the location?

ssh-keygen -q -t ed25519 -f id_ed25519 -N ''

does not work. It will just show you the parameter overview:

option requires an argument -- N
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]
                  [-N new_passphrase] [-C comment] [-f output_keyfile]
       ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
       ssh-keygen -i [-m key_format] [-f input_keyfile]
       ssh-keygen -e [-m key_format] [-f input_keyfile]
       ssh-keygen -y [-f input_keyfile]
       ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
       ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
       ssh-keygen -B [-f input_keyfile]
       ssh-keygen -F hostname [-f known_hosts_file] [-l]
       ssh-keygen -H [-f known_hosts_file]
       ssh-keygen -R hostname [-f known_hosts_file]
       ssh-keygen -r hostname [-f input_keyfile] [-g]
       ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
       ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
                  [-j start_line] [-K checkpt] [-W generator]
       ssh-keygen -s ca_key -I certificate_identity [-h] [-U]
                  [-D pkcs11_provider] [-n principals] [-O option]
                  [-V validity_interval] [-z serial_number] file ...
       ssh-keygen -L [-f input_keyfile]
       ssh-keygen -A
       ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
                  file ...
       ssh-keygen -Q -f krl_file file ...
Improve this question

1 Answer 1

Reset to default
1

This is it:

ssh-keygen -q -t ed25519 -f id_ed25519 -N '""'

And it also works without the "-q":

ssh-keygen -t ed25519 -f id_ed25519 -N '""'

With these parameters, there will be no prompt to press enter at all, the passwordless key pair will be directly created.

You need two parameters:

-N '""'

is the way how PowerShell will understand the parameter as an empty passphrase (one of these Windows exceptions again...). Mind that other command prompts just need a '' or "" (up to you).

And:

-f MY_FILENAME

or

-f MY_PATH_MY_FILENAME

Meaning: you can add the path to that filename, else you will save it "where you are". The standard location if you did not pass that parameter on Windows is C:\Users\Admin\.ssh\

This is taken from Automate ssh-keygen -t rsa so it does not ask for a passphrase, and I am repeating this in a new question for the PowerShell case since I did not find the solution quickly enough. If you follow the first links which you find on the net and on Stack Exchange, you will think that '' or "" is the global format for an empty password, and you will likely overread the very special PowerShell case even if it is mentioned somewhere, since you do not expect it to be an exception! That is why this exception should already be stressed in the question header to catch your eye.

Improve this answer
1
  • 1
    How aggravating that the Powershell version doesn't behave the same way.
    – JDOaktown
    Commented Jun 10 at 16:28

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .