// This shows an example of how to generate an SSH RSA private/public key pair and save it locally.
package main |
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"io/ioutil"
	"log"
	"os"

	"golang.org/x/crypto/ssh"
)
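// main generates a 4096-bit RSA key pair and writes both halves into the
// current working directory: the private key as PEM and the public key in
// authorized_keys format.
//
// The private key file is written without a passphrase, so the file mode set
// by writeKeyToFile is the only thing protecting it on disk.
func main() {
	const (
		savePrivateFileTo = "./id_rsa_test"
		savePublicFileTo  = "./id_rsa_test.pub"
		bitSize           = 4096
	)

	privateKey, err := generatePrivateKey(bitSize)
	if err != nil {
		log.Fatal(err)
	}

	publicKeyBytes, err := generatePublicKey(&privateKey.PublicKey)
	if err != nil {
		log.Fatal(err)
	}

	privateKeyBytes := encodePrivateKeyToPEM(privateKey)
	if err := writeKeyToFile(privateKeyBytes, savePrivateFileTo); err != nil {
		log.Fatal(err)
	}

	// publicKeyBytes is already a []byte, so no conversion is needed.
	if err := writeKeyToFile(publicKeyBytes, savePublicFileTo); err != nil {
		log.Fatal(err)
	}
}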
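// generatePrivateKey creates an RSA private key whose modulus is bitSize bits
// long.
//
// bitSize is a size in bits, not bytes. This function enforces no minimum of
// its own, so the caller chooses the key strength; main in this file asks for
// 4096. Randomness is drawn from crypto/rand.Reader.
//
// It returns the error from rsa.GenerateKey or from the key's own Validate
// check, and a nil key in either case.
func generatePrivateKey(bitSize int) (*rsa.PrivateKey, error) {
	privateKey, err := rsa.GenerateKey(rand.Reader, bitSize)
	if err != nil {
		return nil, err
	}

	// Sanity-check the freshly generated key before handing it to the caller.
	if err := privateKey.Validate(); err != nil {
		return nil, err
	}

	log.Println("Private Key generated")
	return privateKey, nil
}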
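// encodePrivateKeyToPEM serialises an RSA private key as a PEM block of type
// "RSA PRIVATE KEY" (PKCS #1, ASN.1 DER inside).
//
// The block carries no headers and no encryption: the returned bytes are the
// plaintext private key, so whoever can read them can use the key. Protecting
// them is left to the caller (file mode, storage location).
func encodePrivateKeyToPEM(privateKey *rsa.PrivateKey) []byte {
	block := &pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
	}
	return pem.EncodeToMemory(block)
}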
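// generatePublicKey takes an rsa.PublicKey and returns bytes suitable for
// writing to a .pub file, i.e. one authorized_keys line of the form
// "ssh-rsa ...".
//
// NOTE(review): the parameter is named privatekey but its type is
// *rsa.PublicKey; only the public half of the key pair passes through here.
func generatePublicKey(privatekey *rsa.PublicKey) ([]byte, error) {
	sshPublicKey, err := ssh.NewPublicKey(privatekey)
	if err != nil {
		return nil, err
	}

	authorizedKeyLine := ssh.MarshalAuthorizedKey(sshPublicKey)

	log.Println("Public key generated")
	return authorizedKeyLine, nil
}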
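// writeKeyToFile writes keyBytes to saveFileTo with owner-only permissions
// (0600) and logs the destination path.
//
// ioutil.WriteFile applies the requested mode only when it creates the file;
// an existing file is truncated and keeps whatever mode it already had. To
// keep private key material out of a group- or world-readable file, an
// existing destination is tightened to 0600 before any key bytes are written.
// If that chmod fails for a reason other than the file not existing, nothing
// is written and the error is returned.
func writeKeyToFile(keyBytes []byte, saveFileTo string) error {
	if err := os.Chmod(saveFileTo, 0600); err != nil && !os.IsNotExist(err) {
		return err
	}

	if err := ioutil.WriteFile(saveFileTo, keyBytes, 0600); err != nil {
		return err
	}

	log.Printf("Key saved to: %s", saveFileTo)
	return nil
}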
Generate a wep key from my verizon router. If you don’t have these files (or you don’t even have a `.ssh` directory), you can create them by running a program called `ssh-keygen`, which is provided with the SSH package on Linux/macOS systems and comes with Git for Windows: `$ ssh-keygen -o` (its output begins with `Generating public/private rsa key pair.`). Generating Your SSH Public Key: Many Git servers authenticate using SSH public keys. In order to provide a public key, each user in your system must generate one if they don’t already have one.
Generating a Secure Shell (SSH) Public/Private Key Pair: Several tools exist to generate SSH public/private key pairs. The following sections show how to generate an SSH key pair on UNIX, UNIX-like and Windows platforms. GitHub Enterprise Server / Authentication / Connecting to GitHub with SSH / Generating a new SSH key and adding it to the ssh-agent. Generating a new SSH key and adding it to the ssh-agent: After you've checked for existing SSH keys, you can generate a new SSH key to use for authentication, then add it to the ssh-agent. Jul 25, 2019: Execute the following command: `ssh-keygen -t rsa` (when prompted, enter a passphrase; the key name can stay the same). Open the file you’ve just created, `~/.ssh/id_rsa.pub`, with your favorite text editor, and copy its contents to your Git repository’s keys field (GitHub, Beanstalk, or any other repository provider), under your account. Only the `.pub` file is copied; the private key `~/.ssh/id_rsa` stays on your machine.
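#!/bin/bash
#
# Generates RSA, ECDSA and Ed25519 SSH key pairs under ~/.ssh (skipping any
# that already exist) and adds each new key to the ssh-agent. When sekey is
# installed it also creates a Secure Enclave key pair and exports its public
# half to ~/.ssh/id_ecdsa256.pub.
#
# Use Examples
# ./ssh-keygen Additional comments
# ./ssh-keygen "(Work)"

# KDF rounds handed to ssh-keygen -a. They only slow down guessing of a
# passphrase; with the empty passphrase used below they protect nothing.
ROUNDS=100

if hash networksetup 2>/dev/null; then
  # Mac only: Computer Name
  COMMENT="$(networksetup -getcomputername) $*"
else
  COMMENT="$*"
fi
# remove leading and trailing spaces
COMMENT="$(printf '%s\n' "$COMMENT" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"

# generate_key TYPE NAME [ssh-keygen size options...]
# Creates ~/.ssh/NAME unless it already exists, then loads it into ssh-agent.
generate_key() {
  local type="$1" name="$2"
  shift 2
  local path="$HOME/.ssh/$name"

  if [ -f "$path" ]; then
    echo "~/.ssh/$name Skipped!"
    return 0
  fi

  # NOTE(review): -N "" stores the private key WITHOUT a passphrase, so file
  # permissions are its only protection on disk. Drop -N "" to have ssh-keygen
  # prompt for a passphrase instead.
  # The listing on the page also fed an automatic "y" into ssh-keygen to
  # answer its overwrite prompt; the -f test above already guarantees the file
  # is absent, so nothing is auto-confirmed here.
  ssh-keygen -q -t "$type" "$@" -o -a "${ROUNDS}" -N "" -C "$COMMENT" -f "$path" || return 1
  ssh-add "$path"
  echo "~/.ssh/$name"
}

echo "-----> Generating SSH Keys ($COMMENT)"
generate_key rsa id_rsa -b 4096
generate_key ecdsa id_ecdsa -b 521
generate_key ed25519 id_ed25519

echo "-----> Generating Secure Enclave Key ($COMMENT)"
if hash sekey 2>/dev/null; then
  if [ ! -f ~/.ssh/id_ecdsa256.pub ]; then
    sekey --generate-keypair "$COMMENT"
    # -F matches the comment literally, so characters such as "." or "[" in
    # it are not treated as a regular expression.
    keyline=$(sekey --list-keys | grep -F -- "$COMMENT")
    # Intentional word splitting: the key id is the second-to-last field.
    keyarr=($keyline)
    keyarrlen=${#keyarr[@]}
    if [ "$keyarrlen" -lt 2 ]; then
      # Without this guard an empty id would be exported and a bogus .pub
      # file would make later runs skip this step.
      echo "Could not find the new key in 'sekey --list-keys' output" >&2
    else
      key=${keyarr[keyarrlen-2]}
      echo "$key"
      sekey --export-key "$key" > ~/.ssh/id_ecdsa256.pub
      echo "~/.ssh/id_ecdsa256.pub (Private key is stored in the Secure Enclave)"
    fi
  else
    echo "~/.ssh/id_ecdsa256 (Secure Enclave) Skipped!"
  fi
else
  echo "SeKey not installed. (https://github.com/ntrippar/sekey)"
  echo "1. Ensure you have TouchId built-in to your Mac"
  echo '2. $ brew cask install sekey'
fi

echo "Done!"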