I want to automate generate a pair of ssh key using shell script on Centos7, and I have tried

yes "y" | ssh-keygen -t rsa
echo "\n\n\n" | ssh-keygen...
echo | ssh-keygen..

all of these command doesn't work, just input one 'enter' and the shell script stopped on "Enter passphrase (empty for no passphrase)", I just want to know how to simulate mutiple 'enter' in shell continuously.

Many thanks if anyone can help !

Just use a void pass using -N flag:

ssh-keygen -t rsa -N ''

To overwrite the key file (in this example id_rsa):

 ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa 2>/dev/null <<< y >/dev/null

From ssh-keygen man page:

  -N new_passphrase provides the new passphrase.
  -q                silence ssh-keygen.
  -f filename       specifies the filename of the key file.

Step by step explanation

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/klashxx/.ssh/id_rsa):

1) To avoid entering the key use -f:

$ ssh-keygen -t rsa -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)?

2) Now we need to answer "y" automatically to the overwrite question (let's use a here-string for that job):

$ ssh-keygen -t rsa -f ~/.ssh/id_rsa <<< y
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)? Enter passphrase (empty for no passphrase):

3) Finally we're going to use the -N flag to enter a void pass:

$ ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<< y
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)? Your identification has been saved in /home/klashxx/.ssh/id_rsa.
Your public key has been saved in /home/klashxx/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Xo0t6caMB/8TSsigxfY28JIfqYjyqxRZrFrPncx5yiU klashxx@server
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|  .              |
|   o .           |
|  +   *    =     |
| +.  + BSo= o    |
|...o.+o+XO...    |
|.. .o.E==+B. .   |
|o . ...=.o...    |
|.+o.  o     ..   |
+----[SHA256]-----+

4) Extra ball, cleanup the output, just check the return code:

$ ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa 2>/dev/null <<< y >/dev/null
$ echo $?
0

Kudos

@lukasz-dynowski, @redochka, @mellow-yellow and the rest of the folks in this thread.

If you don't want to prompt user for a file in which to save the key then, you can add file output flag -f to the command.

ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa

This way user will not be prompted for any input -unless id_rsa file(s) already exist.

For me, i had to use combination of both @Lukasz answer and @Juan one, when using in ssh command

ssh -p$SSH_PORT -q joker@$INSTANCE_IP 'yes y | ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa'

None of the answers do exactly what is expected. The wanted behavior: run ssh-keygen with default settings (like if we just spammed Enter) without ever prompting for input.

The command to run is:

yes '' | ssh-keygen -N >/dev/null

leave out the >/dev/null if you want to print output.

Expalaination:
yes y spams y which ssh-keygen takes literally and makes the keys in $PWD/y and $PWD/y.pub . yes '' spams empty lines (Enter) which is what we want. Specifying the file with -f ~/.ssh/id_rsa fails if .ssh directory doesn't exist. The -t rsa option is not required if rsa is the default type (we're spamming enter anyways). The passphrase is not read from stdin (which we're spamming enters on) but from the keyboard directly so nothing can intercept it. For this reason you need to specify -N '' for empty passphrase.