Github: Getting the SHA256 fingerprint of an SSH key

2 min read | by Jordi Prats

When you need to check the SSH key that you are using on your GitHub account, you'll get the SHA256 fingerprint of the key.

Depending on the version of OpenSSH that you are using, the fingerprint you get from using ssh-keygen -lf might be different from the one that GitHub shows you.

If the fingerprint that you get from ssh-keygen -lf is different from the one that GitHub shows you, you can use the -E sha256 option to get the SHA256 fingerprint:

$ ssh-keygen -E sha256 -l -f example-github.pub
3072 SHA256:aEbkcUdwehyj78b2214AFS7momYxx6xyCx9xM7x5pMM1 example-github (RSA)

With this command, you'll get the SHA256 fingerprint that GitHub shows you.

On the other hand, if you want to get the hexadecimal MD5, but you are getting the SHA256, you can use the -E md5 option:

$ ssh-keygen -l -E md5 -f ~/.ssh/id_rsa
3072 MD5:de:ed:69:aa:be:ef:01:ff:ee:00:0a:1b:2c:3d:4f:11 example-github (RSA)

Posted on 22/10/2024