
Key pairs, e.g. for AWS EC2

Anthony Fok edited this page Sep 19, 2023 · 1 revision

Helpful commands to manipulate and verify key pairs

  1. To get the public key from a pem file:

    ssh-keygen -f private.pem -y > public.pub
    

    See "How do I get the public key of a pem file?" on Stack Overflow.

  2. How to get the private key from a pem file?
    Answer: The .pem file is the private key, and one that ssh can use directly!

  3. To verify your key pair's fingerprint, for a key that was created on AWS:

    openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c

    See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#verify-key-pair-fingerprints for more information, including commands for key pairs that were generated elsewhere.
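
The fingerprint check from item 3 as a reusable comparison, added here as an example that is not part of the original wiki page. The function names are hypothetical, and the expected value is assumed to be the `KeyFingerprint` that `aws ec2 describe-key-pairs` reports for an RSA key pair created by AWS.

```sh
#!/bin/sh
# Added example; function names are hypothetical, not from the wiki page.

# Print the fingerprint EC2 shows for an RSA key pair that AWS created:
# SHA-1 over the DER-encoded PKCS#8 private key (same pipeline as item 3).
aws_created_fp() {
    # Run the conversion on its own first. In a plain pipeline a failed
    # "openssl pkcs8" still lets sha1 print the digest of empty input.
    openssl pkcs8 -in "$1" -inform PEM -outform DER -topk8 -nocrypt \
        >/dev/null 2>&1 || return 1
    openssl pkcs8 -in "$1" -inform PEM -outform DER -topk8 -nocrypt \
        | openssl sha1 -c \
        | sed 's/^.*= *//'    # strip the "(stdin)= " or "SHA1(stdin)= " prefix
}

# Lower-case a fingerprint and drop whitespace so that values pasted
# from the console or CLI compare cleanly.
normalize_fp() {
    printf '%s' "$1" | tr 'A-F' 'a-f' | tr -d ' \t\r\n'
}

# check_key_pair PRIVATE_KEY EXPECTED_FINGERPRINT
# Returns 0 on match, 1 on mismatch, 2 if the private key cannot be read.
check_key_pair() {
    actual=$(aws_created_fp "$1") || {
        echo "cannot read private key: $1" >&2
        return 2
    }
    expected=$(normalize_fp "$2")
    if [ "$actual" = "$expected" ]; then
        echo "match: $actual"
    else
        echo "MISMATCH: local=$actual expected=$expected" >&2
        return 1
    fi
}

# Usage: sh check-fp.sh private.pem "<KeyFingerprint from describe-key-pairs>"
if [ "$#" -eq 2 ]; then
    check_key_pair "$1" "$2"
fi
```

A mismatch means the local file is not the private half of that EC2 key pair, or the key pair was imported rather than created by AWS, in which case the AWS page linked in item 3 gives the other commands.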

Converting an SSH2 Public Key to OpenSSH format

ssh-keygen -i -f john-doe-public-1-SSH2.pub

AWS CLI commands for getting EC2 public keys

# List all existing keys
aws ec2 describe-key-pairs

# Quick way to generate entries for appending to ~/.ssh/authorized_keys on target EC2 instance
aws ec2 describe-key-pairs --include-public-key --key-names john-doe-public jane-doe-public-1 | jq -r '.KeyPairs[].PublicKey'

Miscellaneous (no longer used...)

  1. To remove passphrase from an existing SSH key:

    ssh-keygen -p

    See "How do I remove the passphrase for the SSH key without having to create a new key?" on Stack Overflow.

  2. To convert SSH private key to PuTTY private key:

    puttygen NAME-id_rsa -o NAME-id_rsa.ppk -O private --ppk-param version=2