Usefulness of randomart for user keys?

Patrick Hemmer openssh at stormcloud9.net
Wed Jul 16 23:11:01 EST 2014


When using `ssh-keygen` to generate a user key, the default output
includes a randomart image. I'm trying to figure out what the usefulness
of this image is for user keys.
For host keys, the benefit is easily explained, as it makes it easier
for a human to ensure the remote host's key has not changed. But for
user keys I do not see a use.

I know that ssh-keygen is used to generate both host and user keys, so
my original thought was that it was because the utility didn't know
whether it was a user key or a host key being generated. But then you
have the `-A` option which generates the host keys. When you use this
option, the randomart image doesn't show up. So the utility is not
showing randomart images for host keys where the usefulness is obvious,
and it is showing it for user keys where the usefulness is not apparent.

Can anyone explain this behavior, and what benefit randomart has for a
user key?

Thanks

-Patrick


More information about the openssh-unix-dev mailing list