How to List Loaded SSH Keys in Ubuntu

Managing SSH keys is essential for secure server administration and seamless authentication. This article provides a quick, direct guide on how to verify which SSH keys are currently loaded into your active ssh-agent session on Ubuntu Linux using simple terminal commands.

Viewing Loaded SSH Keys

The ssh-add utility is the primary tool used to manage keys within the ssh-agent. To see which keys are currently active, open your terminal and run one of the following commands.

Method 1: List Key Fingerprints

To view the SHA256 fingerprints and local file paths of all currently loaded keys, use the -l option:

ssh-add -l

If keys are loaded, the output will look similar to this:

2048 SHA256:abCDeFgHiJkLmNoPqRsTuVwXyZ1234567890/Example /home/user/.ssh/id_rsa (RSA)

Method 2: List Full Public Keys

To output the actual public key strings (which is useful if you need to copy and paste them into a remote server’s authorized_keys file), use the uppercase -L option:

ssh-add -L

This will print the complete public key contents starting with ssh-rsa, ssh-ed25519, or your specific key type.

Troubleshooting Common Issues

Error: “The agent has no identities.”

If you run ssh-add -l and receive this message, it means the ssh-agent is running, but no keys have been added to it yet. You can load your default key by running:

ssh-add

Or load a specific key file by specifying its path:

ssh-add ~/.ssh/my_custom_key

Error: “Could not open a connection to your authentication agent.”

If you receive this error, the ssh-agent is not running in your current terminal session. Start the agent first with the following command:

eval "$(ssh-agent -s)"

Once the agent is running, you can add your keys using ssh-add and verify them again using ssh-add -l.