fl8 Wiki

この文書は読取専用です。文書のソースを閲覧することは可能ですが、変更はできません。もし変更したい場合は管理者に連絡してください。
====== 07 秘密鍵から公開鍵を確認する方法 ======


===== OpenSSL =====

==== 秘密鍵からOpenSSL形式の公開鍵確認 ====

<code>
$ openssl rsa -pubout < [秘密鍵]
</code>

==== 秘密鍵と公開鍵の合致確認 ====

下記の公開鍵が合致してればOK

<code console>
# openssl rsa -in /etc/pki/tls/certs/server.key -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/smbmb0cX7DLKTTtDrbAEcORd
RKwFLXB4kysLD5M8rdZ7mrKatJxkJy0G1zTaGGgRRn4vnK9gpAiG1st8JLEtV3H3
8RWbS14che8EmuKNn4U5pf6M67d68V9eMsBKFAERTWHGihoVGQ04rflzoaegdjQA
5dmU5eL0l8ktANsZ5QIDAQAB
-----END PUBLIC KEY-----
</code>
<code console>
# openssl x509 -in /etc/pki/tls/certs/server.crt -pubkey
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/smbmb0cX7DLKTTtDrbAEcORd
RKwFLXB4kysLD5M8rdZ7mrKatJxkJy0G1zTaGGgRRn4vnK9gpAiG1st8JLEtV3H3
8RWbS14che8EmuKNn4U5pf6M67d68V9eMsBKFAERTWHGihoVGQ04rflzoaegdjQA
5dmU5eL0l8ktANsZ5QIDAQAB
-----END PUBLIC KEY-----
-----BEGIN CERTIFICATE-----
MIIDcTCCAtqgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMCSkEx
EDAOBgNVBAgTB1RvdWt5b3UxEjAQBgNVBAcTCVR5dXVvdS1rdTEWMBQGA1UEChMN
RmxhdEVpZ2h0LmNvbTEYMBYGA1UEAxMPd3d3LmZsYXQ4LmNvLmpwMSEwHwYJKoZI
hvcNAQkBFhJtYXRzdWlAZmxhdDguY28uanAwHhcNMTAwNDI3MDIwODA4WhcNMjAw
NDI0MDIwODA4WjCBiDELMAkGA1UEBhMCSkExEDAOBgNVBAgTB1RvdWt5b3UxEjAQ
BgNVBAcTCVR5dXVvdS1rdTEWMBQGA1UEChMNRmxhdEVpZ2h0LmNvbTEYMBYGA1UE
AxMPd3d3LmZsYXQ4LmNvLmpwMSEwHwYJKoZIhvcNAQkBFhJtYXRzdWlAZmxhdDgu
Y28uanAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL+yZuZvRxfsMspNO0Ot
sARw5F1ErAUtcHiTKwsPkzyt1nuaspq0nGQnLQbXNNoYaBFGfi+cr2CkCIbWy3wk
sS1XcffxFZtLXhyF7wSa4o2fhTml/ozrt3rxX14ywEoUARFNYcaKGhUZDTit+XOh
p6B2NADl2ZTl4vSXyS0A2xnlAgMBAAGjgegwgeUwHQYDVR0OBBYEFOoA+LP6/ew0
dD+cHN1/ddKZxlooMIG1BgNVHSMEga0wgaqAFOoA+LP6/ew0dD+cHN1/ddKZxloo
oYGOpIGLMIGIMQswCQYDVQQGEwJKQTEQMA4GA1UECBMHVG91a3lvdTESMBAGA1UE
BxMJVHl1dW91LWt1MRYwFAYDVQQKEw1GbGF0RWlnaHQuY29tMRgwFgYDVQQDEw93
d3cuZmxhdDguY28uanAxITAfBgkqhkiG9w0BCQEWEm1hdHN1aUBmbGF0OC5jby5q
cIIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAD5mWuFfXRZAXzXc
iGsAY4oS1tQHl9NVGkEy7BF8lRNc7gLZjyxgApq6OcULUuPGALQcHCxOTHNLvQU+
AeKfYDuOKrjZxXnHS/+V5iM9hq+WoeAnZpkfA3MW7qdDlkC3L+/bqcZNvF0/Jlnc
U19qc1XDEGuVRTBgaJtk+XKwC+QO
-----END CERTIFICATE-----
</code>
===== OpenSSH =====


==== 秘密鍵から、OpenSSH形式の公開鍵確認 ====

<code console>
$ ssh-keygen -y -f .ssh/id_rsa
</code>


==== 秘密鍵と公開鍵の合致確認 ====

下記の2つが、合致すればOKです。

<code console>
$ ssh-keygen -y -f .ssh/id_rsa
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5ezNi1WjzrrsBV3tJXkqQq5I6UIrXbIAR7MnzOgNXe0GROF0B6U0/JO4HB8uKWQOmdeEdG6O8fmq2r0tp30DON7PUTIY7jq+/Vx35fu70v+6snAd9B8TGReum1bGhRkLsuupSqD8UiDkKMiNzn1ZXNAglYNRVmtAEnLmHGOx6c4KrGI7u/2cIKk7l4SFqaa4+LwdDJmjaq85oSXFteTsDJnxs58gG5QjsUtCm+AvtT/hM6XUZ2mSIowz0cw+ZSc2n6LPMVNq39iSjWUn29yevy/n5zEp5yAC/JSGltZlO6jB23bLJwjni20avIwUtpi4ROxT4I5JTjbP9qshjUWqjw==
</code>


<code console>
$ cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5ezNi1WjzrrsBV3tJXkqQq5I6UIrXbIAR7MnzOgNXe0GROF0B6U0/JO4HB8uKWQOmdeEdG6O8fmq2r0tp30DON7PUTIY7jq+/Vx35fu70v+6snAd9B8TGReum1bGhRkLsuupSqD8UiDkKMiNzn1ZXNAglYNRVmtAEnLmHGOx6c4KrGI7u/2cIKk7l4SFqaa4+LwdDJmjaq85oSXFteTsDJnxs58gG5QjsUtCm+AvtT/hM6XUZ2mSIowz0cw+ZSc2n6LPMVNq39iSjWUn29yevy/n5zEp5yAC/JSGltZlO6jB23bLJwjni20avIwUtpi4ROxT4I5JTjbP9qshjUWqjw== matsui@dadm0002
</code>



===== メモ: 秘密鍵の作成 =====


=== パスあり ===

<code console>
openssl genrsa -aes256 2048 > private.key
</code>

=== パス無し ===

<code console>
$ openssl genrsa 2048 > private.key
</code>

== 上記の秘密鍵から、SSHの公開鍵作成は、以下のように行う ==

<code console>
$ ssh-keygen -y -f private.key > public.key
</code>


<code console>
$ mkdir ~/.ssh
$ cp private.key ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
$ cp public.key ~/.ssh/id_rsa.public
</code>
fl8 Wiki

ユーザ用ツール

サイト用ツール

ページ用ツール
