我想检查一对RSA密钥的正确性。据我所知,我可以使用以下命令从私钥创建公钥,然后比较两个公钥是否相等:
ssh-keygen -y -f <PRIVATE-KEY>
问题是,为什么当我使用上面的命令时,它无法加载密钥?
还有其他方法可以检查一对 RSA 密钥的正确性吗?
供参考 :
root@bt:~# ssh-keygen -y -v -f /root/Desktop/PROIVA
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase:
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
load failed
root@bt:~# file /root/Desktop/PROIVA
/root/Desktop/PROIVA: data
root@bt:~#
root@bt:~# openssl rsa -in /root/Desktop/PROIVA -inform der -noout -text
unable to load Private Key
1819:error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class:a_set.c:190:
1819:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316:
1819:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=RSA
1819:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
root@bt:~#
root@bt:~#
root@bt:~# openssl rsa -in /root/Desktop/PROIVA -inform DER -out /root/Desktop/PROIVA.pem -outform PEM
unable to load Private Key
1820:error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class:a_set.c:190:
1820:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316:
1820:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=RSA
1820:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
root@bt:~#
root@bt:~#
但以下命令会Proiva.der在桌面上创建:
root@bt:~# openssl base64 -in /root/Desktop/PROIVA -out /root/Desktop/Proiva.der
root@bt:~#
root@bt:~# openssl rsa -in /root/Desktop/Proiva.der -inform der -noout -text
unable to load Private Key
1826:error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class:a_set.c:190:
1826:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316:
1826:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=RSA
1826:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
root@bt:~#
这是我的公共/私有文件的 Base64 视图:
私人的 :
m37jkNportKxhOtP84bKXPY5JR16dzt2ZgdnGNrx7Q9u31jkn2lUPxDwdjlTzU8sIWUxHP4inC56
sxlbv9oeQQxhzF0CxclBuiR1kkfzRVMoEiXmacbozqM4+oh/+Bd1+jok25BQPnXkOq5tu/SIclkv
9zL20p+YsqL0esPUJvcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAASN5x6F8svVvzGBu70a4MeMTqeX128LoJhMRDUx2
Z0uWgc0jEsXr2fSpgLL4UU4+Cet0ksfykyLe18+UsYIL2WrSvEIQRspgq3u5sYGSyn4tWs701V76
cOR/j//O1rCPp/ose/2L+muW28D8wMwq2jIZog7HKMGzgj1KiLuNhICBzXfh3UqoiOArZWVY48Vm
/ZAp9+YhsiAKQ8Z0mpL9mxCmdD24HxGiGJ7uZW4a8X4bRPj0SZYlCbiL3X8Glq3ImcG8xSo7+PaX
CcuTQAeER/EtIdnTkES5/ge1YEg3OjTAG6zeVmV3L/901G0g5bWK3ynJBB+gWuskNnD7K7+SVg8M
n0K2z3FPB0ZjMjiltWjARuztF6wWPzWiODzNih4eOoWfOnNnJTQqAwluHbd2AmM2d3y6UIjx8e5V
qwoCk6ZxrPAZu/Ke8Vev2bYO0Obm5UWZUv1EaeTw+uaQFMafwZi+25f43UgAY3NhcCyOgHh/bqhO
cwDMR9wicMX0rmQtRwmMjZSf0OE0r1NE058hACna/y1zKu5+lEw2pHi1i6SuiE/FebJ4yCTd7BqN
NDbDk5C6aE/J9R9X57as5YcFXwM=
民众 :
m37jkNportKxhOtP84bKXPY5JR16dzt2ZgdnGNrx7Q9u31jkn2lUPxDwdjlTzU8sIWUxHP4inC56
sxlbv9oeQQxhzF0CxclBuiR1kkfzRVMoEiXmacbozqM4+oh/+Bd1+jok25BQPnXkOq5tu/SIclkv
9zL20p+YsqL0esPUJvcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAQ==
请注意,我通过以下方式生成了上述文件的 base64 视图这在线工具。
答案1
看来您的文件是DER二进制格式的。您首先需要将文件转换为egPEM格式。
要验证文件是否为DER二进制格式,请运行:
openssl rsa -in /root/Desktop/PROIVA -inform der -noout -text
如果它返回类似以下内容,那么它确实是DER格式正确的。
Private-Key: (1024 bit)
modulus:
00:a9:07:0c:59:20:6f:48:c0:34:59:c1:10:17:f5:
................................
..............................
运行以下命令:
openssl rsa -in /root/Desktop/PROIVA -inform DER -out /root/Desktop/PROIVA.pem -outform PEM
现在您的PROVIA文件已转换为PEM格式。
终于跑了。
ssh-keygen -y -v -f /root/Desktop/PROIVA.pem