====== RSA KEY ======
===== - Reference =====
  * [[https://www.cnblogs.com/qcblog/p/9011834.html|更多细节的理解RSA算法]]
  * [[https://www.cnblogs.com/qcblog/p/8976017.html|现代密码学中的数论基础知识梳理]]
  * [[http://www.361way.com/ras-basics/5820.html|RSA算法基础详解]]
===== - Commands =====
  // Generate key pair
  ssh-keygen -t rsa -C "zBOOK1"
  // Get pem format key
  ssh-keygen -t rsa -m pem -C "zBOOK1"
  // Extract public key from private key file.
  ssh-keygen -y -f id_rsa

  // 未测试
  转换为ppk格式：
  puttygen tempkey -o tempkey.ppk
  转换回openssh格式：
  puttygen tempkey.ppk -O private-openssh -o tempkey.oldformat


===== - OpenSSL公钥和OpenSSH公钥格式转换 =====

OpenSSL生成的公钥格式和OpenSSH公钥格式不一致，把OpenSSL生成的公钥用于配置SSH连接，验证会失败。

OpenSSH格式公钥

  ssh-rsa AAAAB3NzaC....

OpenSSL格式公钥（PEM）

  -----BEGIN PUBLIC KEY-----
  MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7vbqajDw4o6gJy8UtmIbkcpnk
  O3Kwc4qsEnSZp/TR+fQi62F79RHWmwKOtFmwteURgLbj7D/WGuNLGOfa/2vse3G2
  eHnHl5CB8ruRX9fBl/KgwCVr2JaEuUm66bBQeP5XeBotdR4cvX38uPYivCDdPjJ1
  QWPdspTBKcxeFbccDwIDAQAB
  -----END PUBLIC KEY-----

从私钥重新生成OpenSSH格式公钥
  ssh-keygen -y -f priKey.pem > sshPubkey.pub

将OpenSSL格式公钥转换成OpenSSH格式
  ssh-keygen -i -m PKCS8 -f sslPubKey.pub 〉 sshPubKey.pub #-m支持 PEM，PKCS8，RFC4716

将OpenSSH格式公钥转换成OpenSSL格式公钥
  ssh-keygen -e -m PEM -f sshPubKey.pub >sslPubKey.pub #-m支持 PEM，PKCS8，RFC4716


===== - 试验 =====

==== - 用ssh-keygen生成密钥 ====

  // pkcs8格式的密钥,密钥文件名为test
  ssh-keygen -t rsa -m pkcs8

test(Private key):
<code>
-----BEGIN PRIVATE KEY-----
MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQCz7jzxUa5qIulX
Gp1aV6Mt0wVXAYfq9GimuT3TQTvMb0Kt8JPws0IAD7GshQl55izEh6qqVodqvG3S
XS+Xw7WelSXa4Vb2TDu9GC23LeLmkvK5xSY0vYTQlHwKKx5qonKe6oaQlRqDBKTB
wU5skQAIXmxj9fB1B3laO4jIrCVD1Uw4lqKcunbF9qM9x0qj4K1kLuK5ieoRXeXg
58/GJ/tKEP9qXmzK/0rkIlw+KI1ryVjXogNGXKZ6vox5OyARDycz5/s10IAe0w50
o8aTk8m/xTuZtNkpy8CaXgB/6MLaAWyk+aIORnIkCIw4IWQOmBONoySCJRHUO7za
G86zyLyYWy+fnP/Ya+A2kNAPkpz1KGRWgNRe58TFHwqM2hiqk/ufzhdYtAHIFton
dHyP6BgJs43429iXJCAhh7luU9azBArOHf3pWxmLAXW36jxnjzKYk3qi6ipepmCE
t2MHC5VG1NA5uqsmMBDY4G9OKCjEyLcGFAZ3eX05WWzYHJnNjtECAwEAAQKCAYEA
sWefTOwVRO6hFNHX/aBU8rSSGkQXJ/DNUj1omOdDt4CnxOpkYznLRFY0/324Zyks
UKXW/tYL9JBO09AvQbqkUvSJe3MclAF8EShKwsaKZn7StZmN3whRcHpGhpwXBFqh
GtDv1pQ8rJuieqtG0MJyvs2inzh5WloBK5dxeTJKF8Sxv0W+lTtAKlXQg/QAQu4e
551WzEsPrwnews6szJrVKCT0QINTTx9BTwgV3O+M6I6AezNxeSmWt4Uy6cEDD+7Y
N/EbRUDTzXqwqfl2tfXv/+K53bZjd2KdM1piz0WgitVXKXqY/B7X8ewdlbuJlwPR
G+t+0EH3OYvxHT9nMmVpilM2+Pn5Vyukg3krh4q9Y1XGtxMmwEJx4fVPXpCBkBsa
ROVYVAdXzCm4Nn0d9hywtj6A2/1WKmTIpcwDfahQ8FGr9wAFLh8XRSMmHBUOtuMc
5d1/jipnTpi+l88HcM16fsGqHM3FpTD9UqWvIAnjrEualiS0Tz65/11NWNi5zH7V
AoHBANyyJJUMAwBguZ/xvvcGNG0Z640vTbJ8j+CttIEs2r9N82aoTvHMuCVGBQSQ
AMZKgy8AMlvc8YVKiAwbF+dspPAMgfrHx3XwESd8sccUc6JPhry1mmqoQhFSXMXs
C/Dsjb9so6jbApjRIxxHMKrq+DXffRUdrYTXo23TVg2HCHRJXicPa0BlnHkySRod
EOHSXcW0B/3FJ+SemLSBofE24gu7H6A3gUG5IToUStzSwayTabhOXSv8EgJzCPPB
/DfCMwKBwQDQtrD6P50Pz0tpNxCACZFy8G5sHnhDmn53zjMt/h79RO9ux4kBOhRy
tLIJfjkpi752XYY0BKigy+IpIlgUiZcM5ABkswthyVKjT5Cvd42sAcVlDAGt0XuT
0a5oUYi7NFRPmx56lyPxukMNlJhE7uXvEKAvqYLCWowiho6QKAAFyacjl6aRSDit
DxPFYRSz35/xDmfLh9nUHBmRI7gXt41Lrw/0WmIMFosSNG4L1gcgg9hhSWzakQFI
iGO7ol2CjusCgcAUK9wYG17y2+RbcBcKMPD9v869usMZOzVTTc0fuV/M+Gz0xxFg
HFwAXCP9RMQtW4Yd96CisNEKY8OHh7pplo6Euj/vEe9zIhwPReBh18ax4R7phJe2
g+Z1+tcr5+U3ggd6pY1X05yrJwJUhVU3af6BvgmKsom3iJYRZa2J0vu81S/b1hbx
bdgdY7E2x81RNo8HkOriEPESfkRqyyZoC6IhfFrpo+kWfrtAubYV9NVq1pZlGBR/
/qwOuUDqNqK83e0CgcB9cA9Vl73xroiIJ8wG57k+9zmmSXnGR6gSoR8pWT2OwkuU
rN+umRWJCwilo/L/ATnrMbJiuRoP6fl292kwjrD10mJaIzGIB9Ney4cNrjC7XCUi
4eBwcyJuaOsFT1t6B61UWsoqq4Oy2FtMYi5R37LZx4g+nQY1gO4QIga0pRW+ZL/L
KG23i0xk1lbvnbUvlgsueZXwQSmtzWWgUXNm7a5B+mkAVwHuee4DdvdcrbmC1TrK
3bJKejPnP/GQ57iDqxkCgcEAshGZkM27lkPXPlhDNRiw6WfORSxW0OREGSboW0mY
WCkO/HZWawW3Q3C6T8hcK3EVSm+DEr7Yz+savYdMUOkc51gbiNGQAkIon0M9D2qw
JZCq7AD7txIRTrpjX6QZqn/vH+Ef4Y7KPr9YsxWwly0ZHpE08rSohc4v0kGN8J3g
UfCkisF/3ww1B3F6yFIVKo2FczA/+enBE0ox0ICbHxUZVU0LT6bAztbTQV1J8X8s
oTbcLGVhPCQ3FDH0pBi76XHi
-----END PRIVATE KEY-----
</code>

test.pub(Public key):
<code>
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCz7jzxUa5qIulXGp1aV6Mt0wVXAYfq9GimuT3TQTvMb0Kt8JPws0IAD7GshQl55izEh6qqVodqvG3SXS+Xw7WelSXa4Vb2TDu9GC23LeLmkvK5xSY0vYTQlHwKKx5qonKe6oaQlRqDBKTBwU5skQAIXmxj9fB1B3laO4jIrCVD1Uw4lqKcunbF9qM9x0qj4K1kLuK5ieoRXeXg58/GJ/tKEP9qXmzK/0rkIlw+KI1ryVjXogNGXKZ6vox5OyARDycz5/s10IAe0w50o8aTk8m/xTuZtNkpy8CaXgB/6MLaAWyk+aIORnIkCIw4IWQOmBONoySCJRHUO7zaG86zyLyYWy+fnP/Ya+A2kNAPkpz1KGRWgNRe58TFHwqM2hiqk/ufzhdYtAHIFtondHyP6BgJs43429iXJCAhh7luU9azBArOHf3pWxmLAXW36jxnjzKYk3qi6ipepmCEt2MHC5VG1NA5uqsmMBDY4G9OKCjEyLcGFAZ3eX05WWzYHJnNjtE= Xinsi.Ltd
</code>
git自带的ssh-keygen，生成的公钥是SSH格式的。

==== - 验证密钥 ====

  //将公钥格式转为pem
  ssh-keygen -e -m pkcs8 -f test.pub > test.pub.pkcs8

test.pub.pkcs8
<code>
-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAs+488VGuaiLpVxqdWlej
LdMFVwGH6vRoprk900E7zG9CrfCT8LNCAA+xrIUJeeYsxIeqqlaHarxt0l0vl8O1
npUl2uFW9kw7vRgtty3i5pLyucUmNL2E0JR8CiseaqJynuqGkJUagwSkwcFObJEA
CF5sY/XwdQd5WjuIyKwlQ9VMOJainLp2xfajPcdKo+CtZC7iuYnqEV3l4OfPxif7
ShD/al5syv9K5CJcPiiNa8lY16IDRlymer6MeTsgEQ8nM+f7NdCAHtMOdKPGk5PJ
v8U7mbTZKcvAml4Af+jC2gFspPmiDkZyJAiMOCFkDpgTjaMkgiUR1Du82hvOs8i8
mFsvn5z/2GvgNpDQD5Kc9ShkVoDUXufExR8KjNoYqpP7n84XWLQByBbaJ3R8j+gY
CbON+NvYlyQgIYe5blPWswQKzh396VsZiwF1t+o8Z48ymJN6ouoqXqZghLdjBwuV
RtTQObqrJjAQ2OBvTigoxMi3BhQGd3l9OVls2ByZzY7RAgMBAAE=
-----END PUBLIC KEY-----
</code>

将test 和 test.pub.pkcs8放到[[http://tool.chacuo.net/cryptrsakeyvalid|密钥检验工具]]中检验。

从私钥重新生成公钥
  ssh-keygen -y -f test > test.pub