Reputation: 1128
How can I validate a potential public ssh key part?
I'm building a small service where users may upload their public SSH key in order to access a Mercurial repository (via SSH). I'd like to verify that whatever the users paste is:
- valid (
ssh-keygen -l -f pasted_key_put_in_a_fileexit code is 0) - not the private part of a their key pair <--- this is what I'm looking for a command to do
From what I understand, ssh-keygen -l -f ... doesn't say whether the key part inspected is the public or private part.
Is there a way to verify that a file does not contain/represent the private part of a key pair?
Upvotes: 1
Views: 680
Answers (1)
Reputation: 1128
It turns out that ssh-keygen -l -f private_key will look for a matching public_key in the same directory as private_key and use that if found. But if there is no such (by name) matching public key part, the private_file will be tried and the program complains. So the command I thought couldn't be used, can in fact be used (as long as there's no public key part in a file next to it with a matching name).
Upvotes: 1
Related Questions
- How to specify the private SSH-key to use when executing shell command on Git?
- How to use SSH to run a local shell script on a remote machine?
- How do I remove the passphrase for the SSH key without having to create a new key?
- SSH Key - Still asking for password and passphrase
- Unable to negotiate with XX.XXX.XX.XX: no matching host key type found. Their offer: ssh-dss
- How do I access my SSH public key?
- How do I verify/check/test/validate my SSH passphrase?
- Extract public/private key from PKCS12 file for later use in SSH-PK-Authentication
- SSH Private Key Permissions using Git GUI or ssh-keygen are too open