Cryptographic - Private Key

Public Key Crypto Pair Key Creation

About

This article talks about the secret known as the private key in a asymmetric cryptographic scheme.

A private key is a cryptographic key that is private (that you should keep secret).

This page is about how to manage/create a What is a Public Key Cryptography (known as Asymmetric Cipher) ? private key.

An What is a Public Key Cryptography (known as Asymmetric Cipher) ? private key is categorized as something you have authentication.

Management

Algorithm Scheme

There is two asymmetric cryptographic scheme that defines how to create a private key.

There is therefore two types of key. The most known being RSA

File Format

Different file formats are used to store keys.

Create

The creation of the private key is format dependent.

Pem

For a pem private key (the openssl format), you use:

  • the genrsa 1) utility to create a RSA private key.
  • the gendsa utility to create a DSA private key

Example: The below command 2) creates a: 

openssl \
  genrsa \ 
  -des3 `# encrypt the key with DES in ede cbc mode (168 bit key)`  \
  -out private-key.pem `# the key file`  \
  -passout file:passphrase.txt `# the passphrase is in the file
  4096 `# num of bit default to 2048

Output Example: 

Generating RSA private key, 4096 bit long modulus (2 primes)
.................................++++
.........................................................................++++
e is 65537 (0x010001)


-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,B03FF7BC9D49E89C

8vSw4nlXuuAyJHfxnWCbi7QPW/QMgFU1HNlnSvt/10HEbSep+E6H8seRKwRK5TAW
q4TjSzrfL3Mg0Rq4jB3uEHLbEOFxoOOCrVLh+Okrdk4MmqTsUAFZaJMfAcy22Uqx
biHAHykE1Rp90Mnf8vbm4WukXDOeTmgr6x7ZJqIGaTZnF82kYz1IMoWoCy5mGfwD
ZCMHPkXRyCdQJikR+uDx/92waeCSJCcd6OXOJ/j3NFOZMzfrprUjYaIUc5EYXFgv
hEsIPHksKnboqFQzOZuqLCYNXSYq2Cld0CrEXTDDHNGWqZuT/5RLquwWmaBtqa+e
I63iL8a7d+1QvrUzuin34wUAZT7ccZdll6upq52C41J5zxw3oKlb5PqqrEhJ/C+Y
u0N7ap7A1ODw9lnKKHHsr391RedQ4l3yWPZdb+XzoyzSHMC8h45EK/VvHzXBBVu1
dsJaWLJUMaD4CviAeydV1159Qoddw2j6NcS94Iif6m4MEaH/NteTNFE2OgnD21so
v0k4vE8fKsYjbNJPLnGRxDOdTLQ1HVQVd2i9/PWj60hlE4Ef7hl/BaMC+GreM3xh
uV8MpBV+SDc2LhbVna0+CfB6vcZxIMsI1nHOQY4z4bNr14p2vRFtqRfWcy/M0fSC
madpGO1xNYnQZOvJEcHu6nGQsU6AgwpCKVizfxTQ8oAjrrvLdl9WvF4FWOvI2jxI
yVrQP0a/lRGN3Fh6DxS6EJSsMzwvr7htwfo+SVNYDMDlbUoFlvTHT9sMpKrh3Cke
oGrOjjCrPAlMmeKpqw1LOk1B1a/CgPM4BzwS4+MO5+KAwmVSpe/zOQ==
..............
.............
-----END RSA PRIVATE KEY-----

Ppk

For a ppk private key (Putty), see ppk create

Decrypt / Suppress passphrase

1)
genrsa man page
2)
Genrsa Syntax - Generate an RSA private key




Discover More
Card Puncher Data Processing
Ansible - Ansible-vault

ansible-vault is a command line utility that permits to add/get sensitive data (file or property value) into an encrypted format called a vault Example of sensitive data: password private keys ...
Card Puncher Data Processing
Ansible - Connection

Connection parameters to hosts are given through variable. ... The playbook defines ramon as connection user. At the command line, we set the connection user to lola but the connection...
Card Puncher Data Processing
Ansible - Encrypt a property (password, private key)

How to encrypt a string property with ansible-vault In line String String from a File content You can encrypt a private key this way for instance. First create a file that will...
Certbot (letsencrypt | letsencrypt-auto)

Certbot is an acme client (Let’s Encrypt CA) (or any other CA) to issue SSL certificates. Certbot is an easy-to-use client that fetches a certificate from Let’s Encrypt—an open certificate authority...
Challenge of ownership

challenge are actions that permits to verify the ownership of a private key. They are used during the CA certificate signing verification To get a domain validated certificate, you need to prove the...
Cryptography - CER file format (Certificate)

.CER files are PEM file with the cer extension to indicate that they hold a certificate. They have the public key, they don't have the private key in a Public Key Cryptography model The format is defined...
Csr Ldap Dn Properties
Cryptography - Certificate Signing Request

When requesting a signed certificate, an additional file must be created. This file is called Certificate Signing Request, generated from the Private Key. See the procedure at signed certificate procedure...
Cryptography - Encryption (Enciphering)

Encryption is the function of a cipher that transforms usable data into an unreadable form. It provides confidentiality if a secret is used in the encryption. There is two class of encryption. ...
Cryptography - JKS (Java Keystore)

In the JDK implementation of JKS, a keystore may contain both: key entries and trusted certificate entries. command line: Gui: Porte-cle: (download)...
Cryptography - Key

A key is a parameter used in a cipher algorithm that determines: the encryption operation (forward) and the decryption operation (backward). It's the only secret parameter that protect the anonymity...



Share this page:
Follow us:
Task Runner