Generate Private key with OpenSSL and Public key ssh-keygen for SSH

Sojimaxi · May 19, 2016 · Viewed 10k times

I am trying to generate a secure private and public key with openssl for use with my cloud hosting provider, but when I did that, the public key output from openssl was not recognized.

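# A cipher option such as -aes256 is required here: without one, genrsa ignores -passout and writes the key unencrypted.
$ openssl genrsa -aes256 -out private.pem -passout file:password.txt 2048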

After Generating RSA private key, 2048 bit long modulus, then

$ openssl rsa -in private.pem -passin file:password.txt -pubout -out public.pem

It wrote the RSA public key. The output is something like this:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuefPvX5Bih6GYbr1eTNf
Fa++DvhHg4nxcXZAor7gNEM1+XPY2wxG2r2g/Jub6OWHd8GDAf6SBCCld+alC9WS
KnAd2qz34yBzG4pJ5/tLux1yX5k45BPTcTHfZGmFlAxsSNTZVh5Zh9KYUpsklKOW
2Pb5gwlMvweIoqf0lqrNqX8agDWzAn4bRbW8ZeNKUuNuccx4PlFwMg4lEcPypcCL
HPAHGiQTR1xZ/jlohFMIH1cGCBVC4kuaEtUi3Qer9wzuvh376RQPnKD0jJgraiDM
pSrdMeH+0eJfqckM8pJ99F/kfKWcGtk6l1AJX511xsPLDTHxaP/ry8zlaAJ1vH9o
3wIDAQAB
-----END PUBLIC KEY-----

This is the standard format and it works great for other uses, but all cloud and hosting providers need something like this for the public key:

ssh-rsa XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==

That is the only valid format they recognize.

I know ssh-keygen can do all that easily, but I am using the current latest openssl version, 1.0.2h, with a security fix for some vulnerabilities pointed out by Google and Red Hat employees.

So how do I get the ssh-keygen public key format using my key generated from openssl?

Answer

Sojimaxi · May 19, 2016

After doing some research and experiments I landed on the simplest solution.

Generate a secure private key using openssl with a password length of 32 or more characters, then use the ssh-keygen command to get my required output.

$ ssh-keygen -y -f private.pem > public_key.pub

It works accurately!
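
The two public key formats in this thread carry the same RSA modulus and exponent in different encodings. The following is an added example, not part of the original post: it re-encodes the `-----BEGIN PUBLIC KEY-----` block from the question as an `ssh-rsa` line using only the Python standard library, so the result can be compared with `public_key.pub`. The function names are illustrative.

```python
import base64
import struct
# Public key copied from the question (SubjectPublicKeyInfo PEM from `openssl rsa -pubout`).
PEM = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuefPvX5Bih6GYbr1eTNf
Fa++DvhHg4nxcXZAor7gNEM1+XPY2wxG2r2g/Jub6OWHd8GDAf6SBCCld+alC9WS
KnAd2qz34yBzG4pJ5/tLux1yX5k45BPTcTHfZGmFlAxsSNTZVh5Zh9KYUpsklKOW
2Pb5gwlMvweIoqf0lqrNqX8agDWzAn4bRbW8ZeNKUuNuccx4PlFwMg4lEcPypcCL
HPAHGiQTR1xZ/jlohFMIH1cGCBVC4kuaEtUi3Qer9wzuvh376RQPnKD0jJgraiDM
pSrdMeH+0eJfqckM8pJ99F/kfKWcGtk6l1AJX511xsPLDTHxaP/ry8zlaAJ1vH9o
3wIDAQAB
-----END PUBLIC KEY-----"""

def read_tlv(buf, pos, tag):  # one DER element at pos -> (content, offset past it)
    if buf[pos] != tag:
        raise ValueError(f"expected DER tag {tag:#x}, got {buf[pos]:#x}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return buf[pos:pos + length], pos + length

def spki_rsa_numbers(pem):  # RSA SubjectPublicKeyInfo PEM -> (modulus, exponent)
    body = "".join(l.strip() for l in pem.strip().splitlines() if "-----" not in l)
    der = base64.b64decode(body, validate=True)
    spki, _ = read_tlv(der, 0, 0x30)
    alg, pos = read_tlv(spki, 0, 0x30)
    oid, _ = read_tlv(alg, 0, 0x06)
    if oid != bytes.fromhex("2a864886f70d010101"):  # 1.2.840.113549.1.1.1, rsaEncryption
        raise ValueError("not an RSA public key")
    bits, _ = read_tlv(spki, pos, 0x03)
    rsa_key, _ = read_tlv(bits[1:], 0, 0x30)  # bits[0] is the unused-bits count
    n_raw, pos = read_tlv(rsa_key, 0, 0x02)
    e_raw, _ = read_tlv(rsa_key, pos, 0x02)
    return int.from_bytes(n_raw, "big"), int.from_bytes(e_raw, "big")

def mpint(x):
    # SSH mpint: 4-byte length, big-endian bytes, leading zero byte if the top bit would be set.
    raw = x.to_bytes(x.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def to_openssh(pem):
    # Key blob per RFC 4253 section 6.6: string "ssh-rsa", mpint e, mpint n.
    n, e = spki_rsa_numbers(pem)
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(e) + mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode()

print(to_openssh(PEM))
```

OpenSSH performs the same conversion with `ssh-keygen -i -m PKCS8 -f public.pem`.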