Generate SSH RSA Private/Public Key pair with Golang
SSH key pairs rely on a one-way function: the public key can be derived from the private key, but the private key cannot be derived from the public key. SSH keys are created using a key generation tool; the SSH command-line tool suite includes a keygen tool, and most Git hosting providers offer guides on how to create an SSH key. The basic function of such a tool is to create public and private key pairs. PuTTY stores keys in its own format, in .ppk files; however, the tool can also convert keys to and from other formats. To create a new key pair, select the type of key to generate from the bottom of the screen (using SSH-2 RSA with a 2048-bit key size is good for most people).
gistfile1.txt
Generate Public Private Key Pair
// This shows an example of how to generate an SSH RSA private/public key pair and save it locally.
package main
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"io/ioutil"
	"log"

	"golang.org/x/crypto/ssh"
)
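// main generates a 4096-bit RSA key pair and saves it in the current
// directory: the private key as PKCS#1 PEM in ./id_rsa_test and the public
// key in authorized_keys format in ./id_rsa_test.pub.
//
// The private key is written without a passphrase, so the file mode requested
// by writeKeyToFile is the only protection it has at rest.
func main() {
	const (
		savePrivateFileTo = "./id_rsa_test"
		savePublicFileTo  = "./id_rsa_test.pub"
		bitSize           = 4096
	)

	privateKey, err := generatePrivateKey(bitSize)
	if err != nil {
		log.Fatalf("generating private key: %v", err)
	}

	// Only the public half is handed to the SSH encoder.
	publicKeyBytes, err := generatePublicKey(&privateKey.PublicKey)
	if err != nil {
		log.Fatalf("encoding public key: %v", err)
	}

	if err := writeKeyToFile(encodePrivateKeyToPEM(privateKey), savePrivateFileTo); err != nil {
		log.Fatalf("saving private key: %v", err)
	}

	// generatePublicKey already returns []byte, so no conversion is needed.
	if err := writeKeyToFile(publicKeyBytes, savePublicFileTo); err != nil {
		log.Fatalf("saving public key: %v", err)
	}
}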
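// generatePrivateKey creates an RSA private key whose modulus is bitSize bits
// long (the size is given in bits, not bytes), drawing randomness from
// crypto/rand, and validates the key before returning it.
//
// bitSize is passed to rsa.GenerateKey unchanged; no minimum is enforced
// here, so choosing an adequate size (main uses 4096) is the caller's job.
func generatePrivateKey(bitSize int) (*rsa.PrivateKey, error) {
	privateKey, err := rsa.GenerateKey(rand.Reader, bitSize)
	if err != nil {
		return nil, err
	}

	// Sanity-check the generated key before anything is derived from it.
	if err := privateKey.Validate(); err != nil {
		return nil, err
	}

	log.Println("Private Key generated")
	return privateKey, nil
}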
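// encodePrivateKeyToPEM serializes an RSA private key as PKCS#1 ASN.1 DER and
// wraps it in a PEM block of type "RSA PRIVATE KEY".
//
// The block carries no headers and the DER bytes are not encrypted, so the
// returned PEM is a plaintext private key and must be stored accordingly.
func encodePrivateKeyToPEM(privateKey *rsa.PrivateKey) []byte {
	return pem.EncodeToMemory(&pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
	})
}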
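// generatePublicKey takes an rsa.PublicKey and returns bytes suitable for
// writing to a .pub file, in the authorized_keys format "ssh-rsa ...".
//
// Despite its name, the privatekey parameter is the public half of the key
// pair (its type is *rsa.PublicKey); no private material passes through here.
func generatePublicKey(privatekey *rsa.PublicKey) ([]byte, error) {
	sshPublicKey, err := ssh.NewPublicKey(privatekey)
	if err != nil {
		return nil, err
	}

	pubKeyBytes := ssh.MarshalAuthorizedKey(sshPublicKey)

	log.Println("Public key generated")
	return pubKeyBytes, nil
}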
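// writeKeyToFile writes keyBytes to saveFileTo, requesting mode 0600 (owner
// read/write only), and logs the destination path on success.
//
// The mode is applied only when the file is created. If saveFileTo already
// exists, WriteFile truncates it and keeps its current permissions, so a
// private key written over a more permissive file stays readable by others;
// check or remove a pre-existing file before relying on the 0600 mode.
func writeKeyToFile(keyBytes []byte, saveFileTo string) error {
	// ioutil.WriteFile is deprecated since Go 1.16; os.WriteFile is the
	// drop-in replacement once the file imports "os".
	if err := ioutil.WriteFile(saveFileTo, keyBytes, 0600); err != nil {
		return err
	}

	log.Printf("Key saved to: %s", saveFileTo)
	return nil
}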
Public And Private Key Pair