2

I am trying to generate a secure private and public key with openssl for use with my cloud hosting provider but when I did that the public key output from openssl was not recognized.

$ openssl genrsa -out private.pem -passout file:password.txt  2048

After Generating RSA private key, 2048 bit long modulus, then

$ openssl rsa -in private.pem -passin file:password.txt   -pubout -out public.pem

It wrote the RSA public key. The output is something like this:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuefPvX5Bih6GYbr1eTNf
Fa++DvhHg4nxcXZAor7gNEM1+XPY2wxG2r2g/Jub6OWHd8GDAf6SBCCld+alC9WS
KnAd2qz34yBzG4pJ5/tLux1yX5k45BPTcTHfZGmFlAxsSNTZVh5Zh9KYUpsklKOW
2Pb5gwlMvweIoqf0lqrNqX8agDWzAn4bRbW8ZeNKUuNuccx4PlFwMg4lEcPypcCL
HPAHGiQTR1xZ/jlohFMIH1cGCBVC4kuaEtUi3Qer9wzuvh376RQPnKD0jJgraiDM
pSrdMeH+0eJfqckM8pJ99F/kfKWcGtk6l1AJX511xsPLDTHxaP/ry8zlaAJ1vH9o
3wIDAQAB
-----END PUBLIC KEY-----

Which is the standard format and it works great for other use but All cloud and hosting providers need something like this for public key:

ssh-rsa XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==

That is the only valid format they recognize.

I know ssh-keygen can do all that easily but I am using the currently latest openssl version 1.0.2h with security fix for some vulnerabilities pointed out by Google and Red Hat employees.

So how do I get the ssh-keygen public key format using my key generated from openssl?

Sojimaxi
  • 485
  • 1
  • 10
  • 17
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306). – jww May 19 '16 at 05:37

1 Answers1

7

After doing some research and experiments I landed on the simplest solution.

Generate secure private key using openssl with a password length of 32 or more characters, then use ssh-keygen command to get my required output.

ssh-keygen  -y -f private.pem > public_key.pub

It works accurately!

Sojimaxi
  • 485
  • 1
  • 10
  • 17