ansaurus

Question

How to generate SSH key pairs with Python

Answer 1

A:

Can you get the AAAA...Dfg== string out of it while it's an object? If so, you could simply open a file yourself and save that instead of using the built in save_pub_key function.

saramah 2010-03-17 22:53:11

Answer 2

A:

Just guessing... but have you tried something like this?:

print "ssh-rsa " + "".join([ l.strip() for l in open('/tmp/my.key.pub') if not l.startswith('-----')])

MattH 2010-03-17 22:53:51

Answer 3

A:

I don't know of such a library in Python.

You might find the paramiko library useful (also available from PyPI). It implements the SSH protocol, and has functionality for handling existing keys, but not generating them.

Generation of keys might be a useful addition to that library (you could work with the developers to incorporate it into the library), and an easier start than doing it from scratch.

bignose 2010-03-17 23:01:58

Answer 4

A:

How about using subprocess to invoke ssh-keygen?

from subprocess import Popen, PIPE
import shlex

def get_pub_key(path):
    args = shlex.split('ssh-keygen -y -f')
    args.append(path)
    p = Popen(args, stdout=PIPE)
    stdout = p.communicate()[0]
    if p.returncode != 0:
        raise Exception("Error handling would be nice, eh?")
    return stdout.strip()

print get_pub_key('/tmp/my.key')

The above little program will produce an output like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA ... 9Jbn6D74JOKpaOU050ltyNRw==

Pavel Repin 2010-03-18 00:24:17

Answer 5

+1 A:

The key used by ssh is just base64 encoded, i don't know M2Crypto very much, but after a quick overview it seems you could do what you want this way:

import os
from base64 import b64encode
from M2Crypto import RSA            

key = RSA.gen_key(1024, 65537)
raw_key = key.pub()[1]
b64key = b64encode(raw_key)

username = os.getlogin()
hostname = os.uname()[1]
keystring = 'ssh-rsa %s %s@%s' % (b64key, username, hostname)

with open(os.getenv('HOME')+'/.ssh/id_rsa.pub') as keyfile:
    keyfile.write(keystring)

I didn't test the generated key with SSH, so please let me know if it works (it should i think)

MatToufoutu 2010-03-18 01:06:09

this is oh so close to what I'm looking for. Unfortunately, I'm not sure it works. The b64encoded characters almost match what ssh-keygen outputs, but there are 24 more characters between the first AAAA and the rest of the key. ie, the b64 key looks like "ssh-rsa AAAAabcdef...==" and the ssh-keygen key looks like "ssh-rsa AAAA<24 letters>abcdef...==" Any more tips?

Lee 2010-04-08 16:26:54

Answer 6

A:

I don't know the specifics of the SSH pubkey file, but comparing the base64 decoded version of ssh-keygen output to the contents of key.pub() the format of the keyfile is

b64encode('\x00\x00\x00\x07ssh-rsa%s%s' % (key.pub()[0], key.pub()[1]))

manis 2010-10-15 04:19:02

Looking at it more the first 4 bytes represent the length of the string ssh-rsa, followed by the bytes found in key.pub()[0] so this is easy to construct.

manis 2010-10-15 05:40:29

ansaurus

tags:

views:

answers:

How to generate SSH key pairs with Python

related questions