github.com/rogpeppe/juju@v0.0.0-20140613142852-6337964b789e/utils/ssh/generate.go (about)

     1  // Copyright 2013 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package ssh
     5  
     6  import (
     7  	"crypto/rand"
     8  	"crypto/rsa"
     9  	"crypto/x509"
    10  	"encoding/pem"
    11  	"fmt"
    12  	"strings"
    13  
    14  	"code.google.com/p/go.crypto/ssh"
    15  )
    16  
    17  // rsaGenerateKey allows for tests to patch out rsa key generation
    18  var rsaGenerateKey = rsa.GenerateKey
    19  
    20  // KeyBits is used to determine the number of bits to use for the RSA keys
    21  // created using the GenerateKey function.
    22  var KeyBits = 2048
    23  
    24  // GenerateKey makes a 2048 bit RSA no-passphrase SSH capable key.  The bit
    25  // size is actually controlled by the KeyBits var. The private key returned is
    26  // encoded to ASCII using the PKCS1 encoding.  The public key is suitable to
    27  // be added into an authorized_keys file, and has the comment passed in as the
    28  // comment part of the key.
    29  func GenerateKey(comment string) (private, public string, err error) {
    30  	key, err := rsaGenerateKey(rand.Reader, KeyBits)
    31  	if err != nil {
    32  		return "", "", err
    33  	}
    34  
    35  	identity := pem.EncodeToMemory(
    36  		&pem.Block{
    37  			Type:  "RSA PRIVATE KEY",
    38  			Bytes: x509.MarshalPKCS1PrivateKey(key),
    39  		})
    40  
    41  	signer, err := ssh.ParsePrivateKey(identity)
    42  	if err != nil {
    43  		return "", "", fmt.Errorf("failed to load key: %v", err)
    44  	}
    45  
    46  	auth_key := string(ssh.MarshalAuthorizedKey(signer.PublicKey()))
    47  	// Strip off the trailing new line so we can add a comment.
    48  	auth_key = strings.TrimSpace(auth_key)
    49  	public = fmt.Sprintf("%s %s\n", auth_key, comment)
    50  
    51  	return string(identity), public, nil
    52  }