> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/powershell/powershell-commands/new-rdmsshkey.md). # New-RDMSSHKey ### Synopsis Create an SSH key. ### Syntax #### Private ``` New-RDMSSHKey [-Algorithm] -Format [-Comment ] [-SavePrivateKey ] [-Size ] [-ForcePromptAnswer ] [] ``` #### EncryptedPrivate ``` New-RDMSSHKey [-Algorithm] -Format -Passphrase [-Comment ] [-SavePrivateKey ] [-Size ] [-ForcePromptAnswer ] [] ``` #### Public ``` New-RDMSSHKey [-Algorithm] [-Comment ] [-SavePublicKey ] [-Size ] [-ForcePromptAnswer ] [] ``` ### Description Create an SSH key. The public key will be returned. There is also the possiblity the save a public or private key file. A passphrase can be used to protect the private key file. In both cases, an existing file will be overwritten. ### Examples #### Example 1 ```powershell PS C:\> $pubKey = New-RDMSSHkey -Algorithm RSA -Comment username@hostname -Size 2048 ``` Create an SSH public key of 2048 bits using RSA and of format is Putty. The resulting key ends with the comment (username\@hostname). #### Example 2 ```powershell PS C:\> $pubKey = New-RDMSSHkey ECDSA -Comment username@hostname -Size 256 -SavePublicKey C:\mypath\sshPublicKey.pub ``` Create an SSH public key of 256 bits using ECDSA with the comment username\@hostname. The key is saved in the file C:\mypath\sshPublicKey.pub. If the file exists, it will be overwritten. #### Example 3 ```powershell PS C:\> $passwd = Read-Host -AsSecureString; $pubKey = New-RDMSSHkey -Algorithm ECDSA -Format PKCS8 -Encryption SHA1_RC4_128 -Size 521 -Round 64 -SavePrivateKey C:\mypath\sshPrivateKey.pri -Passphrase $passwd ``` First, the password used to encrypt the file is generated from the input of the user. Create an SSH private key of 521 bits using ECDSA with an empty comment. The key is saved in the file C:\mypath\sshPrivateKey.pri. The format used is PKCS8 with encryption SHA1\_RC4\_128 and 64 rounds. If the passphrase used is empty, no encryption will occur. #### Example 4 ```powershell PS C:\> $pubKey = New-RDMSSHkey -Algorithm ECDSA -Comment username@hostname -Format PKCS8 -Size 521 -Round 64 -SavePrivateKey C:\mypath\sshPrivateKey.pri ``` Create an SSH private key of 521 bits using ECDSA with the comment username\@hostname. The key is saved in the file C:\mypath\sshPrivateKey.pri and is not encrypted. ### Parameters #### -Algorithm The algorithm used to generate the SSH key. ```yaml Type: System.String DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: (All) Position: 0 IsRequired: true ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -Comment The comment at the end of a public key. No space allowed. ```yaml Type: System.String DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: (All) Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -ForcePromptAnswer Switch to use with caution. It will automatically answer prompt asking yes/no, yes/no/cancel, or ok/cancel questions. In case of multiple prompts, multiple values can be passed to this parameter. Here are the accepted values: * Yes: Accept the prompt. Cover the OK and Automatic value. * No: Refuse the yes/no/cancel prompt. "Cancel" is the fallback option if there is no "No" option. * Cancel: Cancel the yes/no/cancel prompt. "No" is the fallback option if there is no "Cancel" option. ```yaml Type: System.Windows.Forms.DialogResult[] DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: (All) Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -Format The format used to store the private key. ```yaml Type: System.String DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: Private Position: Named IsRequired: true ValueFromPipeline: true ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false - Name: EncryptedPrivate Position: Named IsRequired: true ValueFromPipeline: true ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -Passphrase Passphrase used to protected the private key file. An empty SecureString is accepted, meaning no encryption will occur. ```yaml Type: System.Security.SecureString DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: EncryptedPrivate Position: Named IsRequired: true ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -SavePrivateKey Save the private key in a file at the specified path. The supported extensions are: PKCS#1/OpenSSL (*.key), PKCS#8 (*.pri) and PuTTY (\*ppk) ```yaml Type: System.String DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: Private Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false - Name: EncryptedPrivate Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -SavePublicKey Save the public key in a file at the specified path. The supported extension is (\*.pub). ```yaml Type: System.String DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: Public Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### -Size The number of bits in the key for RSA and ECDSA algorithms. For RSA, the default value is 2048 and the valid values are: 1024, 2048, 3072, 4096, 6144 and 8192. For ECDSA, the default value is 256 and the valid values are: 256, 384 and 521. ```yaml Type: System.Int32 DefaultValue: '' SupportsWildcards: false Aliases: [] ParameterSets: - Name: (All) Position: Named IsRequired: false ValueFromPipeline: false ValueFromPipelineByPropertyName: false ValueFromRemainingArguments: false DontShow: false AcceptedValues: [] HelpMessage: '' ``` #### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about\_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216). ### Outputs ### Notes For more information, type "Get-Help New-RDMSSHKey -detailed". For technical information, type "Get-Help New-RDMSSHKey -full". --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devolutions.net/powershell/powershell-commands/new-rdmsshkey.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.