Each private key has a corresponding public key. Generally, the public key can be easily derived from the private key, but deriving the private key from the public key is computationally infeasible.
openssl rsa -in privkey.pem -pubout > key.pub
That writes the public key to key.pub
Though, the above technique works for the general case, it didn't work on Amazon Web Services (AWS) PEM files.
I did find in the AWS docs the following command works:
ssh-keygen -y
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
edit Thanks @makenova for the complete line:
ssh-keygen -y -f key.pem > key.pub
For those interested in the details - you can see what's inside the public key file (generated as explained above), by doing this:-
openssl rsa -noout -text -inform PEM -in key.pub -pubin
or for the private key file, this:-
openssl rsa -noout -text -in key.private
which outputs as text on the console the actual components of the key (modulus, exponents, primes, ...)
For AWS importing an existing public key,
Export from the .pem doing this... (on linux)
openssl rsa -in ./AWSGeneratedKey.pem -pubout -out PublicKey.pub
This will produce a file which if you open in a text editor looking something like this...
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/8y3uYCQxSXZ58OYceG
A4uPdGHZXDYOQR11xcHTrH13jJEzdkYZG8irtyG+m3Jb6f9F8WkmTZxl+4YtkJdN
9WyrKhxq4Vbt42BthadX3Ty/pKkJ81Qn8KjxWoL+SMaCGFzRlfWsFju9Q5C7+aTj
eEKyFujH5bUTGX87nULRfg67tmtxBlT8WWWtFe2O/wedBTGGQxXMpwh4ObjLl3Qh
bfwxlBbh2N4471TyrErv04lbNecGaQqYxGrY8Ot3l2V2fXCzghAQg26Hc4dR2wyA
PPgWq78db+gU3QsePeo2Ki5sonkcyQQQlCkL35Asbv8khvk90gist4kijPnVBCuv
cwIDAQAB
-----END PUBLIC KEY-----
However AWS will NOT accept this file.
You have to strip off the -----BEGIN PUBLIC KEY-----
and -----END PUBLIC KEY-----
from the file. Save it and import and it should work in AWS.
If your looking how to copy an Amazon AWS .pem
keypair into a different
region do the following:
openssl rsa -in .ssh/amazon-aws.pem -pubout > .ssh/amazon-aws.pub
Then
aws ec2 import-key-pair --key-name amazon-aws --public-key-material '$(cat .ssh/amazon-aws.pub)' --region us-west-2
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With