If I have my private key but I don't have the public key, if the public key on the remote computer has been deleted, can I restore it?
Your public and private keys are the by-product of a mathematical computation. Think of mathematical computation as division and the public key as the result. The private key is the remainder. If all you have is the remainder, there is no way to use it to compute the result unless you still have the original two numbers used in the computation.
Due to the fact that key generators use random number generators and entropy gatherers, there is no way to reproduce the exact mathematical sequence that generated your two keys. This is by design. If someone could use one key to derive the other key, it would open the door to a lot of attacks.
That being said, if you are using GPG or PGP, you should have key ring files that have stored copies of both your public and private keys. The reason you need to keep a copy of your public key is so that you can encrypt your messages to yourself to allow you to read them later. If you do not encrypt to yourself, only the recipient can read your message.
EDIT: Pardon me. I glossed over the part about this being restricted to ssh.
Last edited by David1357; 08-27-2008 at 11:12 AM.
Reason: Added note about GPG and PGP keyrings. Added apology for missing restriction to ssh.
Dunno about this one. I've deleted my public key accidentally several times, but was able to rebuild a public key by using the private key. Note that this is for SSH key pairs, though, so in the case of PKI, it may be different (I thought the technology was very similar, though).
Quote:
Originally Posted by fatra2
Hi there,
I am not an expert on the question of keys and security, but I believe you can restore your keys, or create new ones, with
Code:
openssl
For the details on how to do so, you can search the web for example and more explanation.
Cheers
OP clearly asked about ssh keys, why would you lead them on a wild goose chase with OpenSSL? If you don't know what you're talking about, just leave the question alone and let someone else answer it (which colucix did).
Why does it matter that I asked the question about the PPK of SSH? Why can I solve the problem with an SSH PPK but not with other public/private key pairs?
ssh-keygen clearly creates a file that contains both the public and private keys (e.g. id_rsa). When you delete the public key (e.g. id_rsa.pub) you can extract another copy using "ssh-keygen -y".
On the other hand, imagine if someone could take your public key and derive your private key: they could read your messages and forge messages from you.
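The recovery with "ssh-keygen -y" described in the reply above, as an added example that is not part of the original thread. The function names, the `id_demo` file name and the throwaway key are assumptions made for the demonstration; it works in a temporary directory and touches nothing under ~/.ssh.

```shell
#!/bin/sh
# Added example: rebuild a deleted id_*.pub from the private key file.

# recover_pub PRIVATE_KEY_FILE
# Derives the public key with "ssh-keygen -y" and writes PRIVATE_KEY_FILE.pub.
recover_pub() {
    key=$1
    [ -f "$key" ] || { echo "no such private key: $key" >&2; return 1; }
    # Write to a temp file first, so a failure (wrong passphrase, corrupt
    # key) never leaves a truncated .pub behind.
    tmp=$(mktemp "${key}.pub.XXXXXX") || return 1
    if ssh-keygen -y -f "$key" > "$tmp"; then
        chmod 644 "$tmp" && mv "$tmp" "${key}.pub"
    else
        rm -f "$tmp"
        return 1
    fi
}

# same_key FILE_A FILE_B
# Compares key type and base64 blob only. The trailing comment is a label,
# not key material, and may not be reproduced by "ssh-keygen -y".
same_key() {
    a=$(awk 'NR == 1 {print $1, $2}' "$1")
    b=$(awk 'NR == 1 {print $1, $2}' "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# demo: generate a constructed throwaway key, delete its .pub, recover it,
# and check that the recovered key is the one that was deleted.
demo() {
    dir=$(mktemp -d) || return 1
    ssh-keygen -q -t ed25519 -N '' -C 'constructed-demo-key' \
        -f "$dir/id_demo" || { rm -rf "$dir"; return 1; }
    cp "$dir/id_demo.pub" "$dir/original.pub"
    rm "$dir/id_demo.pub"            # simulate the accidental deletion
    recover_pub "$dir/id_demo" && same_key "$dir/original.pub" "$dir/id_demo.pub"
    rc=$?
    rm -rf "$dir"
    return $rc
}
```

Run `demo && echo "recovered key matches"` to see the round trip. The line in the recovered .pub file is what has to be appended again to ~/.ssh/authorized_keys on the remote computer.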