Go – Generate an SSH Public Key

huangapple go评论102阅读模式
英文:

Go - Generate an SSH Public Key

问题

我正在尝试在Go中生成用于SSH的密钥对。我似乎成功地创建了私钥,但是我无法弄清楚如何生成正确格式的公钥。

以下是代码:

privateKey, err := rsa.GenerateKey(rand.Reader, 2014)
if err != nil {
    return nil, err
}

privateKeyDer := x509.MarshalPKCS1PrivateKey(privateKey)
privateKeyBlock := pem.Block{
    Type:    "RSA PRIVATE KEY",
    Headers: nil,
    Bytes:   privateKeyDer,
}
privateKeyPem := string(pem.EncodeToMemory(&privateKeyBlock))

publicKey := privateKey.PublicKey
publicKeyDer, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
    return nil, err
}

publicKeyBlock := pem.Block{
    Type:    "PUBLIC KEY",
    Headers: nil,
    Bytes:   publicKeyDer,
}
publicKeyPem := string(pem.EncodeToMemory(&publicKeyBlock))

fmt.Println(privateKeyPem)
fmt.Println(publicKeyPem)

我得到了以下输出:

-----BEGIN RSA PRIVATE KEY-----
MIIEhgIBAAKB/DFnL5O2LCGJQJ/6W299AsrXsHU3nsGVTbjoDqXjdHboSqAuv0ap
oyTPQuBVNff1X0AdVDwjat2vSAukST/3PmRX4TNU4jV0rog/z6grexOCSl3oatJO
i80t+F6uuTD6XTh5C5yDQNI/sTyaPpydbI+P87UuY4UapZaei7fwc3MfurJ+jwEJ
c+jOWbll2YhIgCOuIe0GRX4e4CDC2KiO/BqAWCPQNjk0Y0iC2+J+2Qy3QBOJTVO8
E2DzIhIe4VjKK6OVVesYmJWSXX/Jx382CvUDv5ss8mxGEs3yge4zeQ0GPPDaqTFw
OJ1uppsdj10ZiW92E8v/fYwlBNGfrQIDAQABAoH8C2OCMEcavVBquXZ5haYH8sLu
RtdfnbjRhgLY/Z0FyDOcoHimV5/boCy3egeqvVKvdpRMSuDPTfOOZECnMjvJAlDP
9Yln7HLNmVM8h8QeR00N38Aof/rjd5VVYF5fCs9slgwxhQ8s7ksIjLPyIyCXWjER
OX9MKe8OpT4/b1Pa1X6I28PaC3LVjDHEkigPd705i8VuF2nvZ3+Kb5uQHeczsq6f
LfJTME0uewB2UhKokJRUlqNpRMp+N4DUhChwC9yN0EXlxzbTUsW8ouLFNKLCqlxZ
YAJqWfCFFe14f++Ie4tfyFI0e1VP7Gge+5vxiIkuPapj5MMg47bVQHtxAn5olgFT
/RWHAGsGPS8cyFZ3sh01qmfaPl4mgthTQdSKj/YKUXy8/u9Wqdk7DK5wfTxD6/Go
HUpNtXkEhL5HmWxq85lhXzos98C/hNlo2GIP1X3D7IgGTwe3z2nlKUCAXLdc3Wwf
GmpBsg3HXZ7ZBL2WwH6JNn/KgbjSioZChvMCfnjtHZMoYfgoD3ncUey4Db5K2/cu
mWPGosswouUOnEFjYHKxo2glxxPgtOK2EgURxE/t/Tz+WPak4gl8fMjg4v8cjuxo
kZdH6Izm0wqMrPOdKFFwFFSdwhl5DG9Ikg/UTznAprvkfmtF32/sX1Ux4NBD6paq
XvMSLPz67VIm3wJ+JAvvkT8deFZQjOnxnv39r2uYXbLJ8JKmaKeYX7nEw60ypAPJ
9mn3m+sWkB+iz+qaJt7ff4342ie9+iy2WH8suwAS0Vi8+Fq7+EaVmGlcAxEWM70G
dQYwJs46NV2ueY97M2qtpVq5XMM9tIU0BqB3p8nY0voRuX5UcVyFQdC5An493VDc
EDTOt+/y7/wZlq+xQqr18ikXGm/+c4tik+7spOKayrZGec03JiZkNbFSVpyQJ7j+
k0EALapWIBHW0vZOfVXBLF4PfwJB03T0WLPCjgwqXaSJBYxfa8YoyH+xCXTenuiu
B1+FkeGVaN/8vd+9rIE/QzoAMLRDWDxBYxECfkAVgjWSiLoK3fJcdwsh6e9bxgK7
EI8yFnWyFhymHTLjACcw9DIZyiaFkpjkXjB7NX0EzWtM5FPUmfrFFLlCpHAzZ8P6
FjXyOcfVlE9IF4gZHNUXHj8R0HflPWg9K9pfAxBhmc5+GJ6aL4smjvpp05fwPD6u
0yYyxcpe8iznsQ==
-----END RSA PRIVATE KEY-----
 -----BEGIN PUBLIC KEY-----
MIIBHDANBgkqhkiG9w0BAQEFAAOCAQkAMIIBBAKB/DFnL5O2LCGJQJ/6W299AsrX
sHU3nsGVTbjoDqXjdHboSqAuv0apoyTPQuBVNff1X0AdVDwjat2vSAukST/3PmRX
4TNU4jV0rog/z6grexOCSl3oatJOi80t+F6uuTD6XTh5C5yDQNI/sTyaPpydbI+P
87UuY4UapZaei7fwc3MfurJ+jwEJc+jOWbll2YhIgCOuIe0GRX4e4CDC2KiO/BqA
WCPQNjk0Y0iC2+J+2Qy3QBOJTVO8E2DzIhIe4VjKK6OVVesYmJWSXX/Jx382CvUD
v5ss8mxGEs3yge4zeQ0GPPDaqTFwOJ1uppsdj10ZiW92E8v/fYwlBNGfrQIDAQAB
-----END PUBLIC KEY-----
英文:

I'm trying to generate a keypair to be used for SSH in Go. I seem to be creating a private key just fine, although I can't figure out how to generate a public key in the correct format.

Here's the code:

privateKey, err := rsa.GenerateKey(rand.Reader, 2014)
if err != nil {
	return nil, err
}

privateKeyDer := x509.MarshalPKCS1PrivateKey(privateKey)
privateKeyBlock := pem.Block{
	Type:    "RSA PRIVATE KEY",
	Headers: nil,
	Bytes:   privateKeyDer,
}
privateKeyPem := string(pem.EncodeToMemory(&privateKeyBlock))

publicKey := privateKey.PublicKey
publicKeyDer, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
	return nil, err
}

publicKeyBlock := pem.Block{
	Type:    "PUBLIC KEY",
	Headers: nil,
	Bytes:   publicKeyDer,
}
publicKeyPem := string(pem.EncodeToMemory(&publicKeyBlock))

    fmt.Println(privateKeyPem)
    fmt.Println(publicKeyPem)

I get this output:

-----BEGIN RSA PRIVATE KEY-----
MIIEhgIBAAKB/DFnL5O2LCGJQJ/6W299AsrXsHU3nsGVTbjoDqXjdHboSqAuv0ap
oyTPQuBVNff1X0AdVDwjat2vSAukST/3PmRX4TNU4jV0rog/z6grexOCSl3oatJO
i80t+F6uuTD6XTh5C5yDQNI/sTyaPpydbI+P87UuY4UapZaei7fwc3MfurJ+jwEJ
c+jOWbll2YhIgCOuIe0GRX4e4CDC2KiO/BqAWCPQNjk0Y0iC2+J+2Qy3QBOJTVO8
E2DzIhIe4VjKK6OVVesYmJWSXX/Jx382CvUDv5ss8mxGEs3yge4zeQ0GPPDaqTFw
OJ1uppsdj10ZiW92E8v/fYwlBNGfrQIDAQABAoH8C2OCMEcavVBquXZ5haYH8sLu
RtdfnbjRhgLY/Z0FyDOcoHimV5/boCy3egeqvVKvdpRMSuDPTfOOZECnMjvJAlDP
9Yln7HLNmVM8h8QeR00N38Aof/rjd5VVYF5fCs9slgwxhQ8s7ksIjLPyIyCXWjER
OX9MKe8OpT4/b1Pa1X6I28PaC3LVjDHEkigPd705i8VuF2nvZ3+Kb5uQHeczsq6f
LfJTME0uewB2UhKokJRUlqNpRMp+N4DUhChwC9yN0EXlxzbTUsW8ouLFNKLCqlxZ
YAJqWfCFFe14f++Ie4tfyFI0e1VP7Gge+5vxiIkuPapj5MMg47bVQHtxAn5olgFT
/RWHAGsGPS8cyFZ3sh01qmfaPl4mgthTQdSKj/YKUXy8/u9Wqdk7DK5wfTxD6/Go
HUpNtXkEhL5HmWxq85lhXzos98C/hNlo2GIP1X3D7IgGTwe3z2nlKUCAXLdc3Wwf
GmpBsg3HXZ7ZBL2WwH6JNn/KgbjSioZChvMCfnjtHZMoYfgoD3ncUey4Db5K2/cu
mWPGosswouUOnEFjYHKxo2glxxPgtOK2EgURxE/t/Tz+WPak4gl8fMjg4v8cjuxo
kZdH6Izm0wqMrPOdKFFwFFSdwhl5DG9Ikg/UTznAprvkfmtF32/sX1Ux4NBD6paq
XvMSLPz67VIm3wJ+JAvvkT8deFZQjOnxnv39r2uYXbLJ8JKmaKeYX7nEw60ypAPJ
9mn3m+sWkB+iz+qaJt7ff4342ie9+iy2WH8suwAS0Vi8+Fq7+EaVmGlcAxEWM70G
dQYwJs46NV2ueY97M2qtpVq5XMM9tIU0BqB3p8nY0voRuX5UcVyFQdC5An493VDc
EDTOt+/y7/wZlq+xQqr18ikXGm/+c4tik+7spOKayrZGec03JiZkNbFSVpyQJ7j+
k0EALapWIBHW0vZOfVXBLF4PfwJB03T0WLPCjgwqXaSJBYxfa8YoyH+xCXTenuiu
B1+FkeGVaN/8vd+9rIE/QzoAMLRDWDxBYxECfkAVgjWSiLoK3fJcdwsh6e9bxgK7
EI8yFnWyFhymHTLjACcw9DIZyiaFkpjkXjB7NX0EzWtM5FPUmfrFFLlCpHAzZ8P6
FjXyOcfVlE9IF4gZHNUXHj8R0HflPWg9K9pfAxBhmc5+GJ6aL4smjvpp05fwPD6u
0yYyxcpe8iznsQ==
-----END RSA PRIVATE KEY-----
 -----BEGIN PUBLIC KEY-----
MIIBHDANBgkqhkiG9w0BAQEFAAOCAQkAMIIBBAKB/DFnL5O2LCGJQJ/6W299AsrX
sHU3nsGVTbjoDqXjdHboSqAuv0apoyTPQuBVNff1X0AdVDwjat2vSAukST/3PmRX
4TNU4jV0rog/z6grexOCSl3oatJOi80t+F6uuTD6XTh5C5yDQNI/sTyaPpydbI+P
87UuY4UapZaei7fwc3MfurJ+jwEJc+jOWbll2YhIgCOuIe0GRX4e4CDC2KiO/BqA
WCPQNjk0Y0iC2+J+2Qy3QBOJTVO8E2DzIhIe4VjKK6OVVesYmJWSXX/Jx382CvUD
v5ss8mxGEs3yge4zeQ0GPPDaqTFwOJ1uppsdj10ZiW92E8v/fYwlBNGfrQIDAQAB
-----END PUBLIC KEY-----

答案1

得分: 18

如果你想生成一个符合OpenSSH authorized_key文件格式的密钥,下面是我最近写的一个辅助函数:

// MakeSSHKeyPair 生成一对用于SSH访问的公钥和私钥。
// 公钥以OpenSSH authorized_keys文件的格式进行编码。
// 生成的私钥以PEM格式进行编码。
func MakeSSHKeyPair(pubKeyPath, privateKeyPath string) error {
	privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
	if err != nil {
		return err
	}

	// 生成并写入PEM格式的私钥
	privateKeyFile, err := os.Create(privateKeyPath)
	defer privateKeyFile.Close()
	if err != nil {
		return err
	}
	privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}
	if err := pem.Encode(privateKeyFile, privateKeyPEM); err != nil {
		return err
	}

	// 生成并写入公钥
	pub, err := ssh.NewPublicKey(&privateKey.PublicKey)
	if err != nil {
		return err
	}
	return ioutil.WriteFile(pubKeyPath, ssh.MarshalAuthorizedKey(pub), 0655)
}

希望对你有帮助!

英文:

If you're looking for generating keys in the format that will be included in an OpenSSH authorized_key file, below is a helper I wrote recently:

// MakeSSHKeyPair make a pair of public and private keys for SSH access.
// Public key is encoded in the format for inclusion in an OpenSSH authorized_keys file.
// Private Key generated is PEM encoded
func MakeSSHKeyPair(pubKeyPath, privateKeyPath string) error {
	privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
	if err != nil {
		return err
	}

	// generate and write private key as PEM
	privateKeyFile, err := os.Create(privateKeyPath)
	defer privateKeyFile.Close()
	if err != nil {
		return err
	}
	privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}
	if err := pem.Encode(privateKeyFile, privateKeyPEM); err != nil {
		return err
	}

	// generate and write public key
	pub, err := ssh.NewPublicKey(&privateKey.PublicKey)
	if err != nil {
		return err
	}
	return ioutil.WriteFile(pubKeyPath, ssh.MarshalAuthorizedKey(pub), 0655)
}

答案2

得分: 9

你可以使用OpenSSH的ssh-keygen工具来转换文件。

将PEM格式的密钥写入文件(例如pubkey.pem),然后执行以下命令进行转换:

ssh-keygen -m PKCS8 -f pubkey.pem -i

或者你可以使用ssh包中的MarshalAuthorizedKey函数:

// 使用上面的publicKey。
// 虽然NewPublicKey接受一个interface{}类型的参数,但它必须是一个指向密钥的指针。
pub, err := ssh.NewPublicKey(&publicKey)
if err != nil {
    // 处理错误
}
pubBytes := ssh.MarshalAuthorizedKey(pub)
fmt.Println(string(pubBytes))
英文:

You can use the OpenSSH ssh-keygen to convert the file.

Write the PEM out to a file (e.g. pubkey.pem) and convert it like so:

ssh-keygen -m PKCS8 -f pubkey.pem -i

Or you can use the MarshalAuthorizedKey function from the ssh package:

// using publicKey from above.
// though NewPublicKey takes an interface{}, it must be a pointer to a key.
pub, err := ssh.NewPublicKey(&publicKey)
if err != nil {
    // do something
}
pubBytes := ssh.MarshalAuthorizedKey(pub)
fmt.Println(string(pubBytes))

答案3

得分: 6

func MakeSSHKeyPair() (string, string, error) {
    privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
    if err != nil {
        return "", "", err
    }

    // 生成并写入私钥的PEM格式
    var privKeyBuf strings.Builder

    privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}
    if err := pem.Encode(&privKeyBuf, privateKeyPEM); err != nil {
        return "", "", err
    }

    // 生成并写入公钥
    pub, err := ssh.NewPublicKey(&privateKey.PublicKey)
    if err != nil {
        return "", "", err
    }

    var pubKeyBuf strings.Builder
    pubKeyBuf.Write(ssh.MarshalAuthorizedKey(pub))

    return pubKeyBuf.String(), privKeyBuf.String(), nil
}
英文:

Adapted @Greg's version to return strings:

func MakeSSHKeyPair() (string, string, error) {
    privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
    if err != nil {
        return "", "", err
    }

    // generate and write private key as PEM
    var privKeyBuf strings.Builder

    privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}
    if err := pem.Encode(&privKeyBuf, privateKeyPEM); err != nil {
        return "", "", err
    }

    // generate and write public key
    pub, err := ssh.NewPublicKey(&privateKey.PublicKey)
    if err != nil {
        return "", "", err
    }

    var pubKeyBuf strings.Builder
    pubKeyBuf.Write(ssh.MarshalAuthorizedKey(pub))

    return pubKeyBuf.String(), privKeyBuf.String(), nil
}

huangapple
  • 本文由 发表于 2014年1月16日 09:20:28
  • 转载请务必保留本文链接:https://go.coder-hub.com/21151714.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定