[Cryptography-dev] dumb question ... simple RSA ssh keys
Paul Kehrer
paul.l.kehrer at gmail.com
Wed Jul 15 04:19:44 CEST 2015
Hi Drew,
At the moment we don't have a function for serialization to ssh public key. The base64 encoded data in an ssh RSA public key isn't actually a subjectPublicKeyInfo but instead documented in RFC 4253. (http://tools.ietf.org/html/rfc4253)
We do plan to eventually support this serialization format but no one has tackled the work yet.
-Paul Kehrer (reaperhulk)
On July 14, 2015 at 7:01:18 PM, Drew Fisher (drew.fisher at oracle.com) wrote:
Good afternoon!
I'm trying to figure out how to replicate
'ssh-keygen -t rsa -b 2048 -q -N '' -C my_comment -f somefile'
with cryptography v0.8.2.
The best I've gotten to so far is
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
public_key = private_key.public_key()
private_pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
public_pem = public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
but when I put the public_pem content into a remote authorized_keys
file, I get prompted for the passphrase and password of the key.
Is it possible to replicate generation of simple ssh keys without
passphrases via cryptography?
Thanks!
-Drew
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev at python.org
https://mail.python.org/mailman/listinfo/cryptography-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20150714/cd800eb4/attachment.html>
More information about the Cryptography-dev
mailing list