stribika / stribika.github.io


Purpose of "< /dev/null" in host key generation? #38

Closed phizev closed 9 years ago

phizev commented 9 years ago

In the section "Server Authentication", the following 2 lines are used to generate the host keys:

ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null

What is the purpose of < /dev/null? Running the lines both with and without < /dev/null, in either bash or dash, makes no discernible difference that I can notice.

phizev commented 9 years ago

< /dev/null prevents accidentally overwriting an existing key:

user@host:~$ ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
Generating public/private ed25519 key pair.
ssh_host_ed25519_key already exists.
Overwrite (y/n)? user@host:~$

Whereas without < /dev/null:

user@host:~$ ssh-keygen -t ed25519 -f ssh_host_ed25519_key
Generating public/private ed25519 key pair.
ssh_host_ed25519_key already exists.
Overwrite (y/n)?

Leaves the choice up to the user. Apologies for the noise.
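The behaviour described in this thread, wrapped for an unattended provisioning script (an added example, not code from the thread or from the guide it refers to). The function names `ensure_host_key` and `key_fingerprint` are hypothetical, and `-N ''` is added here so the passphrase prompt is answered explicitly instead of by the empty stdin.

```shell
#!/bin/sh
# Added example: idempotent SSH host-key generation.
#
# ensure_host_key TYPE PATH [BITS]
#   Prints "created" if a new key was written, "kept" if an existing key was
#   left untouched, "failed" (and returns 1) otherwise.
#
# With stdin redirected from /dev/null, ssh-keygen's "Overwrite (y/n)?" prompt
# reads EOF, which it treats as "no", so an existing host key is never replaced
# and the host's identity (and clients' known_hosts entries) stays stable.
ensure_host_key() {
    ktype=$1
    kpath=$2
    kbits=${3:-}
    # -q: quiet, -N '': empty passphrase (host keys are loaded unattended).
    # stdout is discarded because the overwrite prompt is printed there.
    if ssh-keygen -q -t "$ktype" ${kbits:+-b "$kbits"} -N '' -f "$kpath" \
        < /dev/null > /dev/null 2>&1; then
        echo created
    elif [ -f "$kpath" ]; then
        echo kept
    else
        echo failed
        return 1
    fi
}

# key_fingerprint PATH
#   Prints the fingerprint field of `ssh-keygen -l` (e.g. SHA256:...), useful
#   for confirming that a re-run of provisioning did not change the key.
key_fingerprint() {
    ssh-keygen -l -f "$1" | awk '{print $2}'
}
```

Comparing `key_fingerprint` output before and after a second `ensure_host_key` run confirms the existing key survived.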