Determine which SSH public key was uploaded to the web service.
Sample list of uploaded SSH public keys.
Display local key fingerprints using md5 hash algorithm.
$ find ~/.ssh/ -maxdepth 1 -type f -exec bash -c 'if [[ "$( file -b "{}" )" == *private* ]]; then echo -e "{} $(ssh-keygen -l -f {} -E md5 | cut -d\ -f2 )"; fi' \; | column -t
/home/milosz/.ssh/deploy MD5:56:22:76:7d:da:7a:92:b6:b1:f5:c5:4d:98:68:fe:2c /home/milosz/.ssh/ansible MD5:a3:c1:32:7f:4d:48:53:d4:79:b8:c8:c4:4e:77:f5:2d /home/milosz/.ssh/jenkins_home MD5:f5:67:18:ce:79:ba:0d:7e:38:41:27:b0:f5:c0:9a:cc /home/milosz/.ssh/mobile MD5:0c:e8:11:65:19:7c:cc:c7:3a:34:30:33:ee:21:05:2e /home/milosz/.ssh/gitlab_external MD5:a3:a0:9d:07:21:c4:18:f1:8f:b9:a0:f6:10:44:96:64 /home/milosz/.ssh/milosz MD5:9d:98:78:db:25:4f:2e:62:06:af:47:f1:3d:76:96:50 /home/milosz/.ssh/jenkins MD5:81:0e:30:c9:67:66:2e:36:2a:d2:5f:bf:f4:b1:ee:9c
Display local key fingerprints using sha256 hash algorithm.
$ find ~/.ssh/ -maxdepth 1 -type f -exec bash -c 'if [[ "$( file -b "{}" )" == *private\ key ]]; then echo -e "{} $(ssh-keygen -l -f {} -E sha256 | cut -d\ -f2 )"; fi' \; | column -t
/home/milosz/.ssh/deploy SHA256:pDpy9cQVs2rY3l2TmQyG+xXjqKWUhYUUhdvNLyu5rWo /home/milosz/.ssh/ansible SHA256:MqT9esnWPypAIAvl/A6AQG7oTx+xbeROJt70vixP+oc /home/milosz/.ssh/jenkins_home SHA256:b4vN4p13EvBznlWSduSMS8iJAZqycrYKkGKvXDDCVdY /home/milosz/.ssh/mobile SHA256:W4DzgWYdMqTCKDBG89iNeeyEoqKlexEO3c/TMnWQDLU /home/milosz/.ssh/gitlab_external SHA256:dEmW5AUt7AEHPLwwsjW+iogUDAF7p0/5tBXILQfqd98 /home/milosz/.ssh/milosz SHA256:CaC957nx9z3P1vjOuRf8KaVV9enB/aypMYaaCyS5OZE /home/milosz/.ssh/jenkins SHA256:BFlRCJ++SIBM6oLrOVFXyigMGya0ydAXCHeGd/FIroY
Now you can easily identify and rotate keys when needed.
I am using file command to identify the private key.
$ file ~/.ssh/milosz
/home/milosz/.ssh/milosz: PEM RSA private key
OpenSSH authentication key utility ssh-keygen to extract fingerprint.
$ ssh-keygen -l -f ~/.ssh/milosz
2048 SHA256:CaC957nx9z3P1vjOuRf8KaVV9enB/aypMYaaCyS5OZE milosz@milosz-XPS-13-9343 (RSA)