Securityflags: g
SSH Public Key
Match SSH public keys in OpenSSH `authorized_keys` format, including the optional comment field.
Try it in RegexPro →Available in
Pattern
regexengine-agnostic
ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521))\s+[A-Za-z0-9+\/=]+(?:\s+\S+)? (flags: g)Raw source: ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521))\s+[A-Za-z0-9+\/=]+(?:\s+\S+)?
How it works
ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521)) matches the key-type prefix for the four common algorithms. \s+ requires whitespace before the base64 body. [A-Za-z0-9+\/=]+ matches the base64-encoded key material. (?:\s+\S+)? optionally matches a trailing comment (typically `user@host`).
Examples
Input
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVxr alice@laptopMatches
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVxr alice@laptop
Input
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABMatches
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB
Input
PRIVATE KEY HERENo match
—Common use cases
- •Validating uploaded SSH keys in admin UIs
- •Auditing authorized_keys files for stray algorithms
- •Secret-scanning for committed public keys (info leakage)
- •Provisioning automation that ingests user-supplied keys
Related patterns
Generic API Key
SecurityMatch generic long alphanumeric tokens (32+ chars) typical of API keys and access tokens.
PEM Private Key Block
SecurityMatch PEM-encoded private key blocks across the common variants (RSA, EC, DSA, OpenSSH, encrypted, PGP).
Stripe API Key
SecurityMatch Stripe API keys: secret (sk_), publishable (pk_), or restricted (rk_), in test or live mode.
AWS Access Key ID
SecurityMatch AWS access key IDs (both long-term AKIA and temporary ASIA prefixes).