What command can be used in Linux to display the version of ssh-keygen? Its man page doesn't tell the version, oddly, nor does it mention any option to do it (e.g. -v or --version). Of no use is apt-cache either, as it shows the version of the whole containing package (ssh).
Asked
Active
Viewed 3,992 times
7
ByteEater
- 293
1 Answers
6
ssh-keygen does not have its own version separate from the whole containing package (which corresponds to the version of the OpenSSH release that was packaged).
So if dpkg -l openssh\* says it's "8.4", then /usr/bin/ssh-keygen is also version 8.4.
Only some OpenSSH tools have an option to display the version, in particular ssh does, so if you run ssh -V (or /usr/bin/ssh -V just to be sure) and it says 8.4p1, then all other ssh-* tools included in the same package also have version 8.4p1.
The GitLab article says "SSH version 6.5 or later" – I'm pretty sure it means OpenSSH 6.5 or later, as there is no SSH protocol version 6.5 (protocol SSHv2 is still current).
OpenSSH 6.5 did not use MD5, but rather had the ability to use it (much like older TLS clients had the ability to speak SSLv3) – as far as I understand, only if connecting to an outdated server which required RSA-MD5, not all the time. Also, this only affected server-client communication but not key generation (SSH keys don't have long-term signatures in them at all).
grawity
- 501,077