Is there any way to obtain the public key from the private key? I know it's in host file however for the purpose of this message I need to be able to generate it on the command line. I tried openssl ec < ed25519_key.priv I get an error read EC key unable to load Key 140092556813984:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150114/8d0c18b2/attachment.html>
Give this a go: openssl rsa -in ed25519_key.priv -pubout Cheers, Peter On Wed, Jan 14, 2015 at 12:28:00PM +0000, Martin wrote:> Is there any way to obtain the public key from the private key? > I know it's in host file however for the purpose of this message I need to > be able to generate it on the command line. > I tried > > openssl ec < ed25519_key.priv > > I get an error > > read EC key > unable to load Key > 140092556813984:error:0906D06C:PEM routines:PEM_read_bio:no start > line:pem_lib.c:703:Expecting: ANY PRIVATE KEY> _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
On Wed, Jan 14, 2015 at 12:28:00PM +0000, Martin wrote:> Is there any way to obtain the public key from the private key? > I know it's in host file however for the purpose of this message I need to > be able to generate it on the command line. > I tried > > openssl ec < ed25519_key.priv > > I get an error > > read EC key > unable to load Key > 140092556813984:error:0906D06C:PEM routines:PEM_read_bio:no start > line:pem_lib.c:703:Expecting: ANY PRIVATE KEYEd25519 keys are not supported by OpenSSL, and are generated completely by tinc itself. The format of ed25519_key.priv is also not a standard format. The public key can be extracted from it though, I'll add an option to the tinc CLI to do this, just in case someone accidentily deletes the public key. However, you can already use the CLI to extract your own public key: tinc -n <netname> get Ed25519PublicKey -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150114/13265e66/attachment.sig>
Without seeing your private key (I am assuming it is a private key with a PEM format?) you can use the syntax described here: http://stackoverflow.com/questions/5244129/use-rsa-private-key-to-generate-public-key See the first answer where they are specifying the ?in? value. Michael Munger, dCAP, MCPS, MCNPS, MBSS High Powered Help, Inc. Microsoft Certified Professional Microsoft Certified Small Business Specialist Digium Certified Asterisk Professional michael at highpoweredhelp.com<mailto:michael at highpoweredhelp.com> From: tinc [mailto:tinc-bounces at tinc-vpn.org] On Behalf Of Martin Sent: Wednesday, January 14, 2015 7:28 AM To: tinc at tinc-vpn.org Subject: Obtain public key Is there any way to obtain the public key from the private key? I know it's in host file however for the purpose of this message I need to be able to generate it on the command line. I tried openssl ec < ed25519_key.priv I get an error read EC key unable to load Key 140092556813984:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150114/4505cef2/attachment.html>
Fantastic, having it in the CLI would great. It is for the reason of users losing the pub key that I ask, writing some docs for an internal network. Ah interesting, I finally found openssl does not have the 25519 curve in there(and no plans to do so looks like) but I was not aware there was non standard priv key format either. Would it make sense for the tinc -n <netname> get Ed25519PublicKey To have some logic to derive the pub key it if it's not already in the hosts file? Just to avoid adding another command to the tinc CLI. On Wed Jan 14 2015 at 2:00:47 PM Guus Sliepen <guus at tinc-vpn.org> wrote:> On Wed, Jan 14, 2015 at 12:28:00PM +0000, Martin wrote: > > > Is there any way to obtain the public key from the private key? > > I know it's in host file however for the purpose of this message I need > to > > be able to generate it on the command line. > > I tried > > > > openssl ec < ed25519_key.priv > > > > I get an error > > > > read EC key > > unable to load Key > > 140092556813984:error:0906D06C:PEM routines:PEM_read_bio:no start > > line:pem_lib.c:703:Expecting: ANY PRIVATE KEY > > Ed25519 keys are not supported by OpenSSL, and are generated completely > by tinc itself. The format of ed25519_key.priv is also not a standard > format. The public key can be extracted from it though, I'll add an > option to the tinc CLI to do this, just in case someone accidentily > deletes the public key. However, you can already use the CLI to extract > your own public key: > > tinc -n <netname> get Ed25519PublicKey > > -- > Met vriendelijke groet / with kind regards, > Guus Sliepen <guus at tinc-vpn.org> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150114/193ef234/attachment-0001.html>