Can I use my ssh-public-key to decrypt a file?

ssh-keys amazon-ec2
bowlby picture bowlby · May 11, 2010 · Viewed 10.7k times · Source

I'm trying to find a way to decrypt an encrypted file on a 'virgin' EC2-instance. These EC-instances I use (Ubuntu Lucid) only hold my AWS-created public ssh-key. If can use this to decrypt a file, I can feed it encrypted files (for example a bash-script holding a password to my subversion-repository).

So, my question, can I use my ssh-key to encrypt/decrypt a file?

Answer

Hedgehog picture Hedgehog · Feb 13, 2011

The file:

echo 'This is a sekret' >/tmp/msg.txt

Export public key (in case you don't have it/lose it):

openssl rsa -in ~/private.pem -out /tmp/public.pub -outform PEM -pubout

Encrypt file with public key (anyone can have this key):

openssl rsautl -encrypt -inkey /tmp/public.pub -pubin -in /tmp/msg.txt -out /tmp/file.enc

Decrypt the file with private key (only you should have the private key):

openssl rsautl -decrypt -inkey ~/private.pem -in /tmp/file.enc -out /tmp/decrypted.txt

The decoded message:

cat /tmp/decrypted.txt

Related questions

SSH to AWS Instance without key pairs

1: Is there a way to log in to an AWS instance without using key pairs? I want to set up a couple of sites/users on a single instance. However, I don't want to give out key pairs for clients …

Read More
AWS SSH connection error: Permission denied (publickey)

Im trying to connect to my EC2 instance with SSH and Iḿ getting crazy. I have read this post and tried all user combinations: AWS ssh access 'Permission denied (publickey)' issue Its still not working for me. Any idea …

Read More
Amazon ssh_exchange_identification: read: Connection reset by peer: when changing permissions

I went on to my amazon ec2 successfully and I have been experimenting around. I found it annoying that I needed to always run sudo on everything so what I decided to do was to go to the route directory …

Read More