How to use publickey from x509 certificate?
Damien Miller
djm at mindrot.org
Thu Jul 8 22:19:42 EST 2004
Tanja Wittke wrote:
> Hello,
>
> I have the following problem: I want to use publickey authentication by
> using the publickey of a x509 certificate stored on a java card. I can
> already extract the publickey of the certificate and write it into a
> file. The problem i have is that i don't know how to convert the
> certificate's publickey into an rsa publickey format that openssh will
> accept.
You will need the private key if you want to do ssh authentication too,
this isn't contained in the certificate. Most smartcards are configured
not to allow extraction of the private key.
The public key is easy to extract:
$ openssl x509 -pubkey -noout -in newcert.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiax2Tn3aXOVOqSw5EP+Hc+Euy
hyfm5XxYFFhCI8KOw9UcUZ5uaZ4u+hca8DlM6vrP4GnU1f8RQK77D/uLRrwGb+5k
X0In4/sbSipOG3mxnPN9LC5gS06t1JSbOwhWbGECtWwbYCz0XF/HsFf5gP06Sexa
aYMN/isaJQjBSXBECQIDAQAB
-----END PUBLIC KEY-----
(this assumes your certificate is PEM encoded)
-d
More information about the openssh-unix-dev
mailing list