Let's Play With SSH
Create an SSH Key
Create a key called foobar
:
ssh-keygen -t rsa -b 4096
View the Key Material
View the private key material:
openssl rsa -text -noout -in foobar
# RSA Private-Key: (4096 bit, 2 primes)
# modulus: <octets>
# publicExponent: 65537 (0x10001)
# privateExponent: <octets>
# prime1: <octets>
# prime2: <octets>
# exponent1: <octets>
# exponent2: <octets>
# coefficient: <octets>
Export public key from private key:
openssl rsa -in foobar -pubout > foobar.pub
# writing RSA key
View public key:
openssl rsa -text -noout -pubin -in foobar.pub
# RSA Public-Key: (4096 bit)
# Modulus: <octets>
# Exponent: 65537 (0x10001)
Create SSH Public Key From An existing Private Key
ssh-keygen -y -f foobar > ./foobar.new.pub
Use ssh-keygen to read a private cert:
ssh-keygen -l -f ./foobar
# 4096 SHA256:w6JCjrrkZUt1XdCENaOA8SUAKXFfDJZDd9CqbpJSuwM no comment (RSA)
openssl
man pages
Helpful It turns out that once we get over our anxiety, the openssl
tool is actually pretty easy to learn:
It's also a giant ball of mud, but life is hard.