2

I want to test the validity of an ssh passphrase-protected identity file against a given host. I do not want to actually provide the passphrase, nor do I necessarily know it; I just want to verify that the identity file itself is even applicable at all to the remote host in question.

Consider the following examples:

ssh -i .ssh/right-key.pem user@some_host
Enter passphrase for key '.ssh/right-key.pem': 

ssh -i .ssh/wrong-key.pem user@some_host
Permission denied (publickey).

When I use the valid key, I get prompted for a passphrase. When I use the invalid key, there is no prompt, but an error is returned right away. Somehow ssh knows that one of these keys would apply and the other does not. I want a simple way to perform this test.

How would I do this? Thank you!

1 Answer

1

Here is perhaps not the most elegant solution, but it is what I was able to figure out for the time being:

ssh -v -o batchmode=yes -i .ssh/right-key.pem user@some_host 2>&1 | grep 'Server accepts key'

Doing the same thing with wrong-key.pem will result in a grep miss and therefore return an error status.

I welcome better answers if someone has them.
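An added example, not part of the original posts: a shell version of the check in the answer above that separates "key offered but refused" from "key never offered" (for instance when the host is unreachable), which a bare grep miss cannot tell apart. The function names, the sample logs and the exit-code scheme are assumptions made for illustration, and the classifier assumes `ssh -v` prints the key path exactly as it was passed to `-i`.

```shell
# Added example (not from the original posts): classify `ssh -v` output for one key.
# Exit status: 0 = server accepts the key, 1 = key offered but not accepted,
# 2 = inconclusive (key never offered, e.g. host unreachable).
classify_ssh_debug() {
    key=$1            # identity path exactly as passed to -i; log is read from stdin
    offered=no
    while IFS= read -r line; do
        case $line in
            *"Server accepts key: $key "*|*"Server accepts key: pkalg "*)
                return 0 ;;   # newer format names the key; older prints pkalg/blen only
            *"Offering public key: $key"*|*"Offering "*" public key: $key"*)
                offered=yes ;;
        esac
    done
    [ "$offered" = yes ] && return 1
    return 2
}

# Hypothetical wrapper: $1 = identity file, $2 = user@host. BatchMode suppresses
# the passphrase prompt; IdentitiesOnly keeps agent keys out of the exchange.
check_identity() {
    ssh -v -o BatchMode=yes -o IdentitiesOnly=yes \
        -o PreferredAuthentications=publickey -o ConnectTimeout=10 \
        -i "$1" "$2" true 2>&1 | classify_ssh_debug "$1"
}

# Constructed sample logs (fingerprints are placeholders).
sample_accepted() {
    cat <<'EOF'
debug1: Offering public key: .ssh/right-key.pem RSA SHA256:PLACEHOLDER explicit
debug1: Server accepts key: .ssh/right-key.pem RSA SHA256:PLACEHOLDER explicit
EOF
}
sample_rejected() {
    cat <<'EOF'
debug1: Offering public key: .ssh/wrong-key.pem RSA SHA256:PLACEHOLDER explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
EOF
}
sample_unreachable() {
    cat <<'EOF'
debug1: connect to address 192.0.2.10 port 22: Connection timed out
ssh: connect to host some_host port 22: Connection timed out
EOF
}
```

Run it as `check_identity .ssh/right-key.pem user@some_host; echo $?` and treat status 2 as "could not test" rather than "wrong key".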