How to generate JWT RS512 key

jwtRS512.sh

ssh-keygen -t rsa -b 4096 -e SHA512 -f jwtRS512.key
# Don't add passphrase
openssl rsa -in jwtRS512.key -pubout -outform PEM -out jwtRS512.key.pub
cat jwtRS512.key
cat jwtRS512.key.pub

-E

also add -m PEM (for macos)

Instead of -e it is -E

     -E fingerprint_hash
             Specifies the hash algorithm used when displaying key fingerprints.  Valid options are: “md5” and “sha256”.  The default is “sha256”.

     -e      This option will read a private or public OpenSSH key file and print to stdout a public key in one of the formats specified by the -m option.  The default export format is “RFC4716”.  This option allows exporting OpenSSH keys for use by other pro-
             grams, including several commercial SSH implementations.

thanks @MaSven

#!/bin/bash
echo -e "# Don't add passphrase"
ssh-keygen -t rsa -b 4096 -m PEM -E SHA512 -f jwtRS512.key
# Don't add passphrase
openssl rsa -in jwtRS512.key -pubout -outform PEM -out jwtRS512.key.pub
cat jwtRS512.key
cat jwtRS512.key.pub

Hey just found this when searching on google. Thanks for the script!

you can add -N "" to the ssh-keygen command this will force it to not ask you for a passphrase.

#!/bin/bash
echo -e "# Don't add passphrase"
ssh-keygen -t rsa -b 4096 -m PEM -E SHA512 -f jwtRS512.key -N ""
# Don't add passphrase
openssl rsa -in jwtRS512.key -pubout -outform PEM -out jwtRS512.key.pub
cat jwtRS512.key
cat jwtRS512.key.pub

And here is a one-liner which will just print a private and public key on the console and deletes the created files. Thats useful if you just want to generate a keypair really quick for testing. It does the same as the script. Just put the following in your console:

ssh-keygen -t rsa -b 4096 -m PEM -E SHA512 -f jwtRS512.key -N "" && openssl rsa -in jwtRS512.key -pubout -outform PEM -out jwtRS512.key.pub && cat jwtRS512.key && cat jwtRS512.key.pub && rm jwtRS512.key jwtRS512.key.pub