The newer version of ssh-keygen uses SHA256 hash to generate the fingerprint, whereas the older ones used an MD5 hash, which has the “cute widdle colons” between every pair of characters in the hash/fingerprint.
Probably your favorite web service shows the MD5-style hash, with the colons in it. To generate this for your SSH key, use this command line:
ssh-keygen -l -E md5 -f ~/.ssh/id_rsa.pub
- -l means generate the fingerprint
- -E means choose the type of hash to use for the fingerprint. You can choose md5, or sha256. sha256 is the default now.
- -f means choose the file to operate on
Output in md5 mode:
ssh-keygen -l -E md5 -f ~/.ssh/id_rsa.pub 2048 MD5:4a:0d:2e:64:10:b5:d2:72:4b:7b:88:ea:9e:21:00:58 rob@Blink (RSA)
ssh-keygen -l -f ~/.ssh/id_rsa.pub 2048 SHA256:EFFdf8lqlnQ9HjLh849RIioZzkr0txro8FR+Eqh6rMo rob@Blink (RSA)
About this command line, for inexperienced Linux users:
- You are using Linux or similar, and therefor your SSH key is in a subdirectory called “.ssh” in your home folder. In the Bash shell, and some other Linux command line environments, the symbol “~” indicates your home directory.
- ssh-keygen wants to know what file to process, and you use the “-f” parameter to identify that file.
- The “-l” parameter means “show the fingerprint”.