Securityflags: g

SSH Public Key

Match SSH public keys in OpenSSH `authorized_keys` format, including the optional comment field.

Try it in RegexPro →

Available in

JSSupported

JavaScript / ECMAScript

Browser-native RegExp. Default if you don't pick.

PYSupported

Python (re)

CPython stdlib `re`. Unicode-aware `\w` and `\d` by default.

GOSupported

Go (RE2)

Linear-time matching. No backreferences or lookarounds.

Pattern

regexengine-agnostic

ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521))\s+[A-Za-z0-9+\/=]+(?:\s+\S+)?   (flags: g)

Raw source: ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521))\s+[A-Za-z0-9+\/=]+(?:\s+\S+)?

How it works

ssh-(?:rsa|dss|ed25519|ecdsa-sha2-nistp(?:256|384|521)) matches the key-type prefix for the four common algorithms. \s+ requires whitespace before the base64 body. [A-Za-z0-9+\/=]+ matches the base64-encoded key material. (?:\s+\S+)? optionally matches a trailing comment (typically `user@host`).

Examples

Input

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVxr alice@laptop

Matches

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVxr alice@laptop

Input

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB

Matches

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB

Input

PRIVATE KEY HERE

No match

—

Common use cases

•Validating uploaded SSH keys in admin UIs
•Auditing authorized_keys files for stray algorithms
•Secret-scanning for committed public keys (info leakage)
•Provisioning automation that ingests user-supplied keys

←PreviousCSS Custom Property (Variable)

All patterns

NextStripe API Key→