如何将 PublicKey 转换为 OpenSSH authorized_keys 格式
How to do I convert the PublicKey to OpenSSH authorized_keys format
这是获取 public 密钥的代码。我需要将 public 密钥转换为 OpenSSH 格式,以便将其添加到 Linux 中的 authorized_keys 文件中。我该怎么做?
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("DSA", "BC");
kpGen.initialize(1024, new SecureRandom());
KeyPair keypair = kpGen.generateKeyPair();
我确实用过PEMWriter。但是它没有给出正确格式的输出字符串。
@gotoalberto's answer 另一个问题:
If you want reverse the process, i.e. encode a PublicKey Java object
to a Linux authorized_keys entry format, one can use this code:
/**
* Encode PublicKey (DSA or RSA encoded) to authorized_keys like string
*
* @param publicKey DSA or RSA encoded
* @param user username for output authorized_keys like string
* @return authorized_keys like string
* @throws IOException
*/
public static String encodePublicKey(PublicKey publicKey, String user)
throws IOException {
String publicKeyEncoded;
if(publicKey.getAlgorithm().equals("RSA")){
RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
ByteArrayOutputStream byteOs = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(byteOs);
dos.writeInt("ssh-rsa".getBytes().length);
dos.write("ssh-rsa".getBytes());
dos.writeInt(rsaPublicKey.getPublicExponent().toByteArray().length);
dos.write(rsaPublicKey.getPublicExponent().toByteArray());
dos.writeInt(rsaPublicKey.getModulus().toByteArray().length);
dos.write(rsaPublicKey.getModulus().toByteArray());
publicKeyEncoded = new String(
Base64.encodeBase64(byteOs.toByteArray()));
return "ssh-rsa " + publicKeyEncoded + " " + user;
}
else if(publicKey.getAlgorithm().equals("DSA")){
DSAPublicKey dsaPublicKey = (DSAPublicKey) publicKey;
DSAParams dsaParams = dsaPublicKey.getParams();
ByteArrayOutputStream byteOs = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(byteOs);
dos.writeInt("ssh-dss".getBytes().length);
dos.write("ssh-dss".getBytes());
dos.writeInt(dsaParams.getP().toByteArray().length);
dos.write(dsaParams.getP().toByteArray());
dos.writeInt(dsaParams.getQ().toByteArray().length);
dos.write(dsaParams.getQ().toByteArray());
dos.writeInt(dsaParams.getG().toByteArray().length);
dos.write(dsaParams.getG().toByteArray());
dos.writeInt(dsaPublicKey.getY().toByteArray().length);
dos.write(dsaPublicKey.getY().toByteArray());
publicKeyEncoded = new String(
Base64.encodeBase64(byteOs.toByteArray()));
return "ssh-dss " + publicKeyEncoded + " " + user;
}
else{
throw new IllegalArgumentException(
"Unknown public key encoding: " + publicKey.getAlgorithm());
}
}
@gotoalberto 的代码仅针对 RSA 和 DSA 密钥实现。如果需要其他key,需要自己添加。
这是获取 public 密钥的代码。我需要将 public 密钥转换为 OpenSSH 格式,以便将其添加到 Linux 中的 authorized_keys 文件中。我该怎么做?
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("DSA", "BC");
kpGen.initialize(1024, new SecureRandom());
KeyPair keypair = kpGen.generateKeyPair();
我确实用过PEMWriter。但是它没有给出正确格式的输出字符串。
@gotoalberto's answer 另一个问题:
If you want reverse the process, i.e. encode a
PublicKeyJava object to a Linuxauthorized_keysentry format, one can use this code:/** * Encode PublicKey (DSA or RSA encoded) to authorized_keys like string * * @param publicKey DSA or RSA encoded * @param user username for output authorized_keys like string * @return authorized_keys like string * @throws IOException */ public static String encodePublicKey(PublicKey publicKey, String user) throws IOException { String publicKeyEncoded; if(publicKey.getAlgorithm().equals("RSA")){ RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; ByteArrayOutputStream byteOs = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(byteOs); dos.writeInt("ssh-rsa".getBytes().length); dos.write("ssh-rsa".getBytes()); dos.writeInt(rsaPublicKey.getPublicExponent().toByteArray().length); dos.write(rsaPublicKey.getPublicExponent().toByteArray()); dos.writeInt(rsaPublicKey.getModulus().toByteArray().length); dos.write(rsaPublicKey.getModulus().toByteArray()); publicKeyEncoded = new String( Base64.encodeBase64(byteOs.toByteArray())); return "ssh-rsa " + publicKeyEncoded + " " + user; } else if(publicKey.getAlgorithm().equals("DSA")){ DSAPublicKey dsaPublicKey = (DSAPublicKey) publicKey; DSAParams dsaParams = dsaPublicKey.getParams(); ByteArrayOutputStream byteOs = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(byteOs); dos.writeInt("ssh-dss".getBytes().length); dos.write("ssh-dss".getBytes()); dos.writeInt(dsaParams.getP().toByteArray().length); dos.write(dsaParams.getP().toByteArray()); dos.writeInt(dsaParams.getQ().toByteArray().length); dos.write(dsaParams.getQ().toByteArray()); dos.writeInt(dsaParams.getG().toByteArray().length); dos.write(dsaParams.getG().toByteArray()); dos.writeInt(dsaPublicKey.getY().toByteArray().length); dos.write(dsaPublicKey.getY().toByteArray()); publicKeyEncoded = new String( Base64.encodeBase64(byteOs.toByteArray())); return "ssh-dss " + publicKeyEncoded + " " + user; } else{ throw new IllegalArgumentException( "Unknown public key encoding: " + publicKey.getAlgorithm()); } }
@gotoalberto 的代码仅针对 RSA 和 DSA 密钥实现。如果需要其他key,需要自己添加。