如何使用Python生成SSH密钥对 [英] How to generate SSH key pairs with Python

问题描述

我正在尝试编写一个脚本来为我生成SSH身份密钥对.

I'm attempting to write a script to generate SSH Identity key pairs for me.

from M2Crypto import RSA
key = RSA.gen_key(1024, 65337)
key.save_key("/tmp/my.key", cipher=None)

文件/tmp/my.key现在看起来不错.

通过运行ssh-keygen -y -f /tmp/my.key > /tmp/my.key.pub，我可以提取公共密钥.

By running ssh-keygen -y -f /tmp/my.key > /tmp/my.key.pub I can extract the public key.

我的问题是如何从python中提取公钥?使用key.save_pub_key("/tmp/my.key.pub")保存类似的内容:

My question is how can I extract the public key from python? Using key.save_pub_key("/tmp/my.key.pub") saves something like:

-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADASDASDASDASDBarYRsmMazM1hd7a+u3QeMP
...
FZQ7Ic+BmmeWHvvVP4Yjyu1t6vAut7mKkaDeKbT3yiGVUgAEUaWMXqECAwEAAQ==
-----END PUBLIC KEY-----

当我寻找类似的东西时:

When I'm looking for something like:

ssh-rsa AAAABCASDDBM$%3WEAv/3%$F ..... OSDFKJSL43$%^DFg==

推荐答案

使用cryptography！ pycrypto不再处于主动开发中，并且如果可能的话，您应该使用加密.从6月开始，还可以生成SSH公钥:

Use cryptography! pycrypto is not in active development anymore and if possible you should be using cryptography. Since June it's possible to generate SSH public keys as well:

from cryptography.hazmat.primitives import serialization as crypto_serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend as crypto_default_backend

key = rsa.generate_private_key(
    backend=crypto_default_backend(),
    public_exponent=65537,
    key_size=2048
)
private_key = key.private_bytes(
    crypto_serialization.Encoding.PEM,
    crypto_serialization.PrivateFormat.PKCS8,
    crypto_serialization.NoEncryption())
public_key = key.public_key().public_bytes(
    crypto_serialization.Encoding.OpenSSH,
    crypto_serialization.PublicFormat.OpenSSH
)

注意:您至少需要版本1.4.0.

Note: You need at least version 1.4.0.

这篇关于如何使用Python生成SSH密钥对的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！