Security can be easily overlooked when building a product, especially when working with an outsourced engineering team. You want to trust them, so you give them access to your servers. But then you discover fraudulent activity, and, well, you start to panic.
The ssh private key is completely different from the X.509 certificate and private key. It's a little confusing because folks often save the ssh private key generated by EC2 in a '.pem' file just like the cert and pk use. You can't convert or use the X.509 certificate or private key for ssh as you tried to do.
In hindsight, you realize you never should have shared your Secure Shell (SSH) key, instead storing it in a vault with restricted user access. If, however, someone has a private SSH key to your Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance and you’re worried about a malicious attack, you have two options to revoke their access:
Here’s a summary of how to replace the keys mentioned in option No. 2 above:
(For more, DigitalOcean has a great tutorial on setting up SSH keys.)
K is arbitrary and should not be set to a fixed number like you did. The formula e.d = 1 + k. totient is correct but I think you misunderstood what it implies. What this formula actually means ise.d = 1 + k. totient = 1 mod(totient).Thus d is the modular multiplicative inverse of e mod(totient) an can be calculated with the extended euclidian algorithm.The last flaw I spotted is your way of choosing e. Key generation using rsa algorithm examples.
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub ssh [email protected] 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys
where ~/.ssh/id_rsa.pub is the new key on your machine and [email protected] is the username and IP address of your EC2 instance.vim ~/.ssh/authorized_keys
Just go to the line with the old key and remove it: dd
Note: If you tried editing the file and didn’t save it, or the connection was interrupted, an .authorized_keys.swp file will be created, and the next time you try to edit your authorized_keys, you will get a nasty message. Just delete the .swp file, and you should be good to edit.Make sure to update the key if you’re using it elsewhere, like on a continuous integration (CI) server. Otherwise you’ll be scratching your head when none of your builds are working.
NoteIt is strongly recommended that you back up your private key to a secure location,then delete it from the local system, after adding it to ssh-agent.The private key cannot be retrieved from the agent.If you lose access to the private key, you would have to create a new key pairand update the public key on all systems you interact with. Deploying the public keyTo use the user key that was created above, the public key needs to be placed on the server into a text file called authorizedkeys under usersusername.ssh.The OpenSSH tools include scp, which is a secure file-transfer utility, to help with this.To move the contents of your public key (.sshided25519.pub) into a text file called authorizedkeys in.ssh on your server/host.This example uses the Repair-AuthorizedKeyPermissions function in the OpenSSHUtils module which was previously installed on the host in the instructions above. Generate private key windows 10.