Git Product home page Git Product logo

ssh-keydgen's Introduction

ssh-keydgen Go Report Card Build Status Github All Releases

Generate Deterministic SSH keys

NAME:
   ssh-keydgen - deterministic authentication key generation

USAGE:
   ssh-keydgen [[-t <type>] [-b <bits>] [-c <curve>] [-f <filename>] [-a <rounds>] [--at <time>] [--am <memory>] [--as <seedphrase>] [--aa]]

AUTHOR:
   cornfeedhobo

GLOBAL OPTIONS:
   -t type          Specifies the type of key to create. The possible values are "dsa", "ecdsa", "rsa", or "ed25519". (default: "rsa")
   -b bits          Specifies the number of bits in the key to create. Possible values are restricted by key type. (default: 2048)
   -c curve         Specifies the elliptic curve to use. The possible values are 256, 384, or 521. (default: 256)
   -f filename      Specifies the filename of the key file.
   -a rounds        Specifies the number of hashing rounds applied during key generation. (default: 1000)
   --at time        Specifies the time parameter for the Argon2 function. (default: 3)
   --am memory      Specifies the memory parameter for the Argon2 function. (default: 16384)
   --ap threads     Specifies the threads or parallelism for the Argon2 function. (default: 1)
   --as seedphrase  Provides the deterministic seedphrase.
   --aa             Add the generated key to the running ssh-agent.

COPYRIGHT:
   (c) 2018 cornfeedhobo

Usage

  1. Generate your keys

    keydgen -f path/to/deterministic_key
ls -lh path/to/deterministic_key*

  2. Allow time to pass, hoping an emergency does not arise when you have no access to your keys ...

    If the time comes where you need access but can't get to your keys, you can then obtain this utility and re-generate, or even directly add your key to a running ssh-agent.

    ssh-keydgen --aa

  3. Profit!

FAQ

What Go versions are supported?

Go 1.9 or later

How can I verify the generated key is valid?

Until there are more implementations of this generation scheme, you can at least verify the private key is usable and the public key matches what openssh generates.

cat path/to/deterministic_key.pub
ssh-keygen -y -f path/to/deterministic_key

If the above outputs don't match, the public key was not generated properly. If you are prompted for a password, the private key was not generated properly.

How can I encrypt my key after generation?

ssh-keygen -p -f path/to/deterministic_key

Is it any good?

Yes

ssh-keydgen's People

Contributors

cornfeedhobo avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

wtsi-hgi daniloncmayo mikalv kantium y0zg codegod100 sighingnow aral whiteblackgoose

ssh-keydgen's Issues

Can't build master with go 1.8.1 

$ GOPATH=/tmp/gopath go get -v github.com/cornfeedhobo/ssh-keydgen
github.com/cornfeedhobo/ssh-keydgen (download)
created GOPATH=/tmp/gopath; see 'go help gopath'
package math/bits: unrecognized import path "math/bits" (import path does not begin with hostname)
$ go version
go version go1.8.1 linux/amd64

Non deterministic result with go 1.11.4

I am running go version 1.11.4 on Arch linux. It might a fault on my side, but the below loop does not produce the same result all the time. The output jumps between two keys randomly.

for i in {1..5}; do ssh-keydgen -t rsa -f qqq --as backdoor-wifi-proxy >/dev/null; cat qqq.pub; echo; rm qqq*; done

The result on my machine is:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdQu/s/+ZeVlUKfF5AJuJxojGbbeQFNG/AgyMFU0JYq37hd9LPtTtPr2eMv9zPq5iWnVvB2hm2KCVq3H6XIc2jKfeLUXbauvFhQLcBVBxDkAjVxXHZ81jRpsly+z2YOdFORRpi0TREcGRsU0XaPO9GWKK48kwlEZ7WL85g0iGVO9QFnFUORNE6FVptfjVEbqY1KrR4pq0OXBiLlCdhYW5fp3yYlh+2UNGQoqEXRsQqKXOxkzByu/odKKyCHoLC3yMQsGkVr9FEK8Iik2EYxHOzV4RBLPwMr5uVFG/Y8Ty4oi1EYxdoLD1p/PHwQHDHz7SjHHevDxVDoGZG2oAggukJ

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdQu/s/+ZeVlUKfF5AJuJxojGbbeQFNG/AgyMFU0JYq37hd9LPtTtPr2eMv9zPq5iWnVvB2hm2KCVq3H6XIc2jKfeLUXbauvFhQLcBVBxDkAjVxXHZ81jRpsly+z2YOdFORRpi0TREcGRsU0XaPO9GWKK48kwlEZ7WL85g0iGVO9QFnFUORNE6FVptfjVEbqY1KrR4pq0OXBiLlCdhYW5fp3yYlh+2UNGQoqEXRsQqKXOxkzByu/odKKyCHoLC3yMQsGkVr9FEK8Iik2EYxHOzV4RBLPwMr5uVFG/Y8Ty4oi1EYxdoLD1p/PHwQHDHz7SjHHevDxVDoGZG2oAggukJ

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3rCLrsPxFHN3HGeLxQJrszRzfr8AZUnIPpC6aBiaCBjjstwDQ8kC87ScwIrzPCYwILwyFhTK6IaPaUsCbZl3pyXNwfAfmXoDtti0qRWKAM36GmC3DAQ8PZJAV8TnH+h0qJwxuFZ5IZnIW2Sk8fS0PcTdUNFAsmS42OOSL8o4N0RrF2uqb0WeGZJwut3OWdxJxin7JZ7fTYV0z3HiNs2MJ3u2lb/3W0dcWjcR8aFqzY7aSipvXrhr7SpBKJCeyskbUhGE9CN0Nskne5HktphnNDu1kSRzWtPHq0cgAjEfelmcGKV3ak0yvy1hfGeUAi20sGjfwuJ0d6IsrhnDBxILr

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3rCLrsPxFHN3HGeLxQJrszRzfr8AZUnIPpC6aBiaCBjjstwDQ8kC87ScwIrzPCYwILwyFhTK6IaPaUsCbZl3pyXNwfAfmXoDtti0qRWKAM36GmC3DAQ8PZJAV8TnH+h0qJwxuFZ5IZnIW2Sk8fS0PcTdUNFAsmS42OOSL8o4N0RrF2uqb0WeGZJwut3OWdxJxin7JZ7fTYV0z3HiNs2MJ3u2lb/3W0dcWjcR8aFqzY7aSipvXrhr7SpBKJCeyskbUhGE9CN0Nskne5HktphnNDu1kSRzWtPHq0cgAjEfelmcGKV3ak0yvy1hfGeUAi20sGjfwuJ0d6IsrhnDBxILr

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3rCLrsPxFHN3HGeLxQJrszRzfr8AZUnIPpC6aBiaCBjjstwDQ8kC87ScwIrzPCYwILwyFhTK6IaPaUsCbZl3pyXNwfAfmXoDtti0qRWKAM36GmC3DAQ8PZJAV8TnH+h0qJwxuFZ5IZnIW2Sk8fS0PcTdUNFAsmS42OOSL8o4N0RrF2uqb0WeGZJwut3OWdxJxin7JZ7fTYV0z3HiNs2MJ3u2lb/3W0dcWjcR8aFqzY7aSipvXrhr7SpBKJCeyskbUhGE9CN0Nskne5HktphnNDu1kSRzWtPHq0cgAjEfelmcGKV3ak0yvy1hfGeUAi20sGjfwuJ0d6IsrhnDBxILr

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3rCLrsPxFHN3HGeLxQJrszRzfr8AZUnIPpC6aBiaCBjjstwDQ8kC87ScwIrzPCYwILwyFhTK6IaPaUsCbZl3pyXNwfAfmXoDtti0qRWKAM36GmC3DAQ8PZJAV8TnH+h0qJwxuFZ5IZnIW2Sk8fS0PcTdUNFAsmS42OOSL8o4N0RrF2uqb0WeGZJwut3OWdxJxin7JZ7fTYV0z3HiNs2MJ3u2lb/3W0dcWjcR8aFqzY7aSipvXrhr7SpBKJCeyskbUhGE9CN0Nskne5HktphnNDu1kSRzWtPHq0cgAjEfelmcGKV3ak0yvy1hfGeUAi20sGjfwuJ0d6IsrhnDBxILr

Rolling back to go 1.9.4, I get always the correct result:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3rCLrsPxFHN3HGeLxQJrszRzfr8AZUnIPpC6aBiaCBjjstwDQ8kC87ScwIrzPCYwILwyFhTK6IaPaUsCbZl3pyXNwfAfmXoDtti0qRWKAM36GmC3DAQ8PZJAV8TnH+h0qJwxuFZ5IZnIW2Sk8fS0PcTdUNFAsmS42OOSL8o4N0RrF2uqb0WeGZJwut3OWdxJxin7JZ7fTYV0z3HiNs2MJ3u2lb/3W0dcWjcR8aFqzY7aSipvXrhr7SpBKJCeyskbUhGE9CN0Nskne5HktphnNDu1kSRzWtPHq0cgAjEfelmcGKV3ak0yvy1hfGeUAi20sGjfwuJ0d6IsrhnDBxILr

go 1.10.4 on Ubuntu 18.04 also works fine.

ed25519 key needs passphrase

I'm able to generate keys just fine with this. However, if the key is on a host it seems to need a passphrase. I try to give it the one I created the key with, but no luck.

Could you point me in the right direction? Would like to use this without the ssh key agent.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.