0

[problem]

I generated a private key with the following cmd

openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.pem –nocrypt
pkcs8: Use -help for summary.
Generating RSA private key, 2048 bit long modulus (2 primes)
................+++++
...........................................+++++

e is 65537 (0x010001)

but I cannot find where is this key, so I tried the following 2 steps.

[what i tried]

  1. Use sudo find / -name 'rsa_key.pem', and I got Permission denied error.

  2. Checked the openssl folder location using openssl version -d, I got OPENSSLDIR: "/opt/conda/ssl" under this folder I only see the following files:

    cacert.pem cert.pem ct_log_list.cnf ct_log_list.cnf.dist misc openssl.cnf openssl.cnf.dist

  3. Ignore this problem, go to generate public using openssl rsa -in rsa_key.pem -pubout -out rsa_key.pub, and I got an error.

Error message

Can't open rsa_key.pem for reading, No such file or directory
139653660292096:error:02001002:system library:fopen:No such file or 
directory:crypto/bio/bss_file.c:69:fopen('rsa_key.pem','r')
139653660292096:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:76:
unable to load Private Key

I want to know how can I fix this issue, where can I find the rsa_key.pem generated?

[Addition]

  • If I generate key using openssl genrsa -out snowflake_key 4096, then I will find it in the current working directory
  • If I generate key using $ openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt, then I can find it in the current working directory as well.
Mapotofu
  • 268
  • 2
  • 4
  • 15

2 Answers2

2

Try this :

cd /tmp
openssl genrsa 2048 | openssl pkcs8 -topk8 -out rsa_key.pem
openssl rsa -in rsa_key.pem -pubout -out rsa_key.pub
Philippe
  • 20,025
  • 2
  • 23
  • 32
  • I tried but it ask me to enter a Enter Encryption Password, what is this for ? – Mapotofu Aug 11 '23 at 09:03
  • 1
    That's the passphrase for the private key. You can type Enter if you don't need one. – Philippe Aug 11 '23 at 09:04
  • thanks so much, it works, and do you have any idea the reason why in my original cmd, with "-inform PEM -out rsa_key.pem –nocrypt " it did not work ? – Mapotofu Aug 11 '23 at 09:06
  • Another question, when I copy the public key from the file, it also copied the space between each line, should I remove this space before I added them into my user ? – Mapotofu Aug 11 '23 at 09:17
  • 1
    It seems `–nocrypt` causes problem. There should be no spaces in the public key. – Philippe Aug 11 '23 at 09:39
0

Ssh keys are generally kept under ~/.ssh/ directory.
While using openssl ssh keys are generated in the current working directory unless you specify explicit path.
If you generate ssh keys using ssh-keygen then by default the keys would be placed in ~/.ssh/ directory but it does give you a choice to choose destination directory.

akc5
  • 15
  • 4
  • I do not see the key file after using ls ~/.ssh/ – Mapotofu Aug 11 '23 at 08:47
  • Normally openssl commands generate outputs in the same directory where they are run, I've done it several times and never had this problem. Can you paste the complete outputs of the commands you're running ? – akc5 Aug 11 '23 at 08:52
  • 1
    I added some other information in the question, and normally the output I pasted are the complete ones. I can find it when the it is .p8 but not .pem – Mapotofu Aug 11 '23 at 09:00