How to generate SSH key pairs with Python

Question

I'm attempting to write a script to generate SSH Identity key pairs for me.

from M2Crypto import RSA
key = RSA.gen_key(1024, 65337)
key.save_key("/tmp/my.key", cipher=None)

The file /tmp/my.key looks great now.

By running ssh-keygen -y -f /tmp/my.key > /tmp/my.key.pub I can extract the public key.

My question is how can I extract the public key from python? Using key.save_pub_key("/tmp/my.key.pub") saves something like:

-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADASDASDASDASDBarYRsmMazM1hd7a+u3QeMP
...
FZQ7Ic+BmmeWHvvVP4Yjyu1t6vAut7mKkaDeKbT3yiGVUgAEUaWMXqECAwEAAQ==
-----END PUBLIC KEY-----

When I'm looking for something like:

ssh-rsa AAAABCASDDBM$%3WEAv/3%$F ..... OSDFKJSL43$%^DFg==

Check pycryto, since already have format 'OpenSSH' for the exportKey method. — Jorge E. Cardona
– Jorge E. Cardona, Commented May 9, 2012 at 15:52
pycrypto is unmaintained and has known vulnerabilities. pycryptodome is a drop-in replacement. — Merlijn Sebrechts
– Merlijn Sebrechts, Commented Aug 5, 2016 at 8:39
I think you meant 65537 rather than 65337. The former is much more common. The risks associated with using other numbers are disputed, but the consensus is that 65537 (that is, 2^16 + 1) is secure. 65337 is not NIST-compliant. — Zenexer
– Zenexer, Commented Feb 13, 2017 at 5:55

Ben Davis · Accepted Answer · 2021-10-11 14:54:03Z

98

Use cryptography! pycrypto is not in active development anymore and if possible you should be using cryptography. Since June it's possible to generate SSH public keys as well:

from cryptography.hazmat.primitives import serialization as crypto_serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend as crypto_default_backend

key = rsa.generate_private_key(
    backend=crypto_default_backend(),
    public_exponent=65537,
    key_size=2048
)

private_key = key.private_bytes(
    crypto_serialization.Encoding.PEM,
    crypto_serialization.PrivateFormat.PKCS8,
    crypto_serialization.NoEncryption()
)

public_key = key.public_key().public_bytes(
    crypto_serialization.Encoding.OpenSSH,
    crypto_serialization.PublicFormat.OpenSSH
)

Note: You need at least version 1.4.0.

Note: If your SSH client does not understand this private key format, replace PKCS8 with TraditionalOpenSSL.

edited Oct 11, 2021 at 14:54

Ben Davis

14k12 gold badges58 silver badges74 bronze badges

answered Aug 24, 2016 at 14:55

Dave Halter

16.5k15 gold badges80 silver badges104 bronze badges

Sign up to request clarification or add additional context in comments.

3 Comments

Samveen Over a year ago

Points of note: Version requirement of cryptography >= 1.4.0 and missing an import statement: from cryptography.hazmat.backends import default_backend as crypto_default_backend

Dave Halter Over a year ago

Thanks! Adjusted accordingly.

user592419 Over a year ago

How do you convert this to the other format, i.e. `ssh-rsa AAAABCASDDBM$%3WEAv/3%$F ..... OSDFKJSL43$%^DFg=='

Arun Panneerselvam · Accepted Answer · 2024-02-24 10:00:09Z

45

Just in case there are any future travellers looking to do this. The RSA module support writing out the public key in OpenSSH format now (possibly didn't at the time of earlier posts). So I think you can do what you need with:

from os import chmod
from Crypto.PublicKey import RSA

key = RSA.generate(2048)
with open("/tmp/private.key", 'wb') as content_file:
    chmod("/tmp/private.key", 0o600) #use an 0o prefix for octal integers
    content_file.write(key.exportKey('PEM'))
pubkey = key.publickey()
with open("/tmp/public.key", 'wb') as content_file:
    content_file.write(pubkey.exportKey('OpenSSH'))

The files are opened with a 'wb' as the keys must be written in binary mode. Obviously don't store you're private key in /tmp...

edited Feb 24, 2024 at 10:00

Arun Panneerselvam

2,3331 gold badge20 silver badges28 bronze badges

answered Mar 17, 2014 at 8:15

fruitbeeriswrong

5914 silver badges3 bronze badges

6 Comments

signal Over a year ago

In key.exportKey('PEM'), the argument indicates output format. There are three options: 'DER' - binary encoding, 'PEM' - texture encoding, 'OpenSSH' - texture encoding according to OpenSSH spec.

datu-puti Over a year ago

@signal According to the documentation, OpenSSH for export is "only suitable for public keys (not private keys)".

fruitbeeriswrong Over a year ago

I believe the phrase you quote relates to using the 'OpenSSH' format option with exportKey rather than the exportKey method itself eg the docs say you can use 'OpenSSH' format arg for the public key, as I have done, and 'PEM' for the private key as I have done.

fatal_error Over a year ago

Use cryptography instead of pycrypto for this; see other answer stackoverflow.com/a/39126754#1301627

dangirsh Over a year ago

In Python3, octal literals must have a "0o" prefix, so: chmod("/tmp/private.key", 0600) becomes chmod("/tmp/private.key", 0o600)

|

Matt Clegg · Accepted Answer · 2017-12-04 10:43:29Z

5

Edit 05/09/2012:

I just realized that pycrypto already has this:

import os
from Crypto.PublicKey import RSA

key = RSA.generate(2048, os.urandom)
print key.exportKey('OpenSSH')

This code works for me:

import os
from Crypto.PublicKey import RSA

key = RSA.generate(2048, os.urandom)

# Create public key.                                                                                                                                               
ssh_rsa = '00000007' + base64.b16encode('ssh-rsa')

# Exponent.                                                                                                                                                        
exponent = '%x' % (key.e, )
if len(exponent) % 2:
    exponent = '0' + exponent

ssh_rsa += '%08x' % (len(exponent) / 2, )
ssh_rsa += exponent

modulus = '%x' % (key.n, )
if len(modulus) % 2:
    modulus = '0' + modulus

if modulus[0] in '89abcdef':
    modulus = '00' + modulus

ssh_rsa += '%08x' % (len(modulus) / 2, )
ssh_rsa += modulus

public_key = 'ssh-rsa %s' % (
    base64.b64encode(base64.b16decode(ssh_rsa.upper())), )

edited Dec 4, 2017 at 10:43

Matt Clegg

5881 gold badge5 silver badges16 bronze badges

answered Mar 28, 2011 at 3:10

Jorge E. Cardona

96.3k3 gold badges40 silver badges44 bronze badges

3 Comments

Jorge E. Cardona Over a year ago

I just added this code to a fork of pycrypto at github.com/jorgeecardona/pycrypto

Will Over a year ago

Would you mind explaining a bit more about whats being done to the key after generation? Especially with respect to modulus?

Jorge E. Cardona Over a year ago

There is a padding in there, I can't explain it pretty well at this moment, this was 3 years ago, this code actually is ugly, and you should try to read pycrypto implementation instead this, the code is here: github.com/dlitz/pycrypto/blob/master/lib/Crypto/PublicKey/…

mdeous · Accepted Answer · 2010-03-18 12:36:01Z

4

The key used by ssh is just base64 encoded, i don't know M2Crypto very much, but after a quick overview it seems you could do what you want this way:

import os
from base64 import b64encode
from M2Crypto import RSA            

key = RSA.gen_key(1024, 65537)
raw_key = key.pub()[1]
b64key = b64encode(raw_key)

username = os.getlogin()
hostname = os.uname()[1]
keystring = 'ssh-rsa %s %s@%s' % (b64key, username, hostname)

with open(os.getenv('HOME')+'/.ssh/id_rsa.pub') as keyfile:
    keyfile.write(keystring)

I didn't test the generated key with SSH, so please let me know if it works (it should i think)

edited Mar 18, 2010 at 12:36

answered Mar 18, 2010 at 1:06

mdeous

18.1k7 gold badges60 silver badges60 bronze badges

1 Comment

Lee Over a year ago

this is oh so close to what I'm looking for. Unfortunately, I'm not sure it works. The b64encoded characters almost match what ssh-keygen outputs, but there are 24 more characters between the first AAAA and the rest of the key. ie, the b64 key looks like "ssh-rsa AAAAabcdef...==" and the ssh-keygen key looks like "ssh-rsa AAAA<24 letters>abcdef...==" Any more tips?

manis · Accepted Answer · 2012-09-30 08:15:11Z

1

The base64 decoded version of ssh-keygen output to the contents of key.pub() the format of the keyfile is

b64encode('\x00\x00\x00\x07ssh-rsa%s%s' % (key.pub()[0], key.pub()[1]))

edited Sep 30, 2012 at 8:15

answered Oct 15, 2010 at 4:19

manis

193 bronze badges

1 Comment

manis Over a year ago

Looking at it more the first 4 bytes represent the length of the string ssh-rsa, followed by the bytes found in key.pub()[0] so this is easy to construct.

NegatioN · Accepted Answer · 2019-12-18 12:14:21Z

1

If you want, you could just also use ssh-keygen itself. You can extend this to also create your file, and just use open to read the content later, but i focused on creating a .pub key from an already existing key here.

from subprocess import Popen, PIPE
import os

home = f'{os.path.expanduser("~")}'
cert_pos = f'{home}/.ssh/my_key'
your_key_pw = ''

cmd = ['ssh-keygen', '-y', '-f', cert_pos]
if your_key_pw:
    cmd.append('-P')
    cmd.append(your_key_pw)

p = Popen(cmd, stdout=PIPE)
p.wait()
res, err = p.communicate()

cert_content = res.decode('utf-8')

answered Dec 18, 2019 at 12:14

NegatioN

7472 gold badges11 silver badges24 bronze badges

Comments

MattH · Accepted Answer · 2010-03-17 22:53:51Z

0

Just guessing... but have you tried something like this?:

print "ssh-rsa " + "".join([ l.strip() for l in open('/tmp/my.key.pub') if not l.startswith('-----')])

answered Mar 17, 2010 at 22:53

MattH

38.4k11 gold badges85 silver badges84 bronze badges

Comments

saramah · Accepted Answer · 2010-03-17 23:35:40Z

0

Can you get the AAAA...Dfg== string out of it while it's an object? If so, you could simply open a file yourself and save that instead of using the built in save_pub_key function.

edited Mar 17, 2010 at 23:35

answered Mar 17, 2010 at 22:53

saramah

1688 bronze badges

Comments

casperOne · Accepted Answer · 2012-02-28 13:59:24Z

0

Here is an example using the Twisted Conch library which leverages PyCrypto under the covers. You can find the API documentation at http://twistedmatrix.com/documents/current/api/twisted.conch.ssh.keys.html:

from twisted.conch.ssh import keys

# one-time use key
k="""-----BEGIN RSA PRIVATE KEY-----
PRIVATE KEY STUFF
-----END RSA PRIVATE KEY-----"""

# create pycrypto RSA object
rsa = keys.RSA.importKey(k)

# create `twisted.conch.ssh.keys.Key` instance which has some nice helpers
key = keys.Key(rsa)

# pull the public part of the key and export an openssh version
ssh_public = key.public().toString("openssh")
print ssh_public

edited Feb 28, 2012 at 13:59

casperOne

74.7k19 gold badges189 silver badges262 bronze badges

answered Feb 26, 2012 at 23:58

gabrtv

3,5882 gold badges25 silver badges29 bronze badges

Comments

rominf · Accepted Answer · 2018-12-06 11:24:57Z

0

You can use pycryptodome as described in documentation:

from Crypto.PublicKey import RSA

key = RSA.generate(2048)
private_key = key.export_key()
file_out = open("private.pem", "wb")
file_out.write(private_key)

public_key = key.publickey().export_key()
file_out = open("receiver.pem", "wb")
file_out.write(public_key)

answered Dec 6, 2018 at 11:24

rominf

2,8963 gold badges26 silver badges41 bronze badges

Comments

grey · Accepted Answer · 2023-02-28 11:15:41Z

-1

pip install ssh-key-maker

import ssh_key_maker

#for windows users

ssh_key_maker.generate_ssh_key()

answered Feb 28, 2023 at 11:15

grey

3573 silver badges6 bronze badges

Collectives™ on Stack Overflow

How to generate SSH key pairs with Python

11 Answers 11

3 Comments

6 Comments

3 Comments

1 Comment

1 Comment

Comments

Comments

Comments

Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

11 Answers 11

3 Comments

6 Comments

3 Comments

1 Comment

1 Comment

Comments

Comments

Comments

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related