
Your RSA Keys Are Likely To Be So Important For The Security of Your Organisation … especially OpenSSH ones

Do you know your DER from your PEM, and PKCS1 from OpenSSH keys?


Your RSA keys are likely to be fundamental to your organisation's security. Why? Well, if your company has a connection to the Cloud, it is likely that you’ll be using SSH to connect to it. Also, if you have GitHub, your company will often use an OpenSSH key pair to authenticate you. For this, we create an RSA key pair, store the private key on your host, and upload the public key to the server. When you log in, you sign a message with your private key, and the server uses the stored public key to verify the signature and authenticate you. A typical command is:

$ ssh-keygen -t rsa -b 4096 -C "fred@home.com"

This generates a 4,096-bit key pair. We typically store the private key in the .ssh folder, which also contains the public key in the form:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAXQMfdioW/ibO3rtEACYqplJjfYa2hSqQtfNIk4h
7Dah+IrHeiN0m8vr2ldkso2gqQpvxFArJZ2EAiRtMQVfeTyauhd5rk0x8H00AfQABJDq6grldiz
uYy5tCC7V2Fw==
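
An added example, not from the original article: the base64 part of the public key line is a sequence of length-prefixed fields (key type, public exponent, modulus), so a short parser can report the real modulus size of any `ssh-rsa` entry, for instance when auditing an authorized_keys file. The function names and the 3,072-bit policy threshold are assumptions; the sample blob shown above illustrates the form only and decodes to a modulus far shorter than 4,096 bits.

```python
import base64
import struct

# Public key line copied from the article above, joined onto one line.
ARTICLE_KEY = (
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAXQMfdioW/ibO3rtEACYqplJjfYa2hSqQtfNIk4h"
    "7Dah+IrHeiN0m8vr2ldkso2gqQpvxFArJZ2EAiRtMQVfeTyauhd5rk0x8H00AfQABJDq6grldiz"
    "uYy5tCC7V2Fw=="
)

MIN_RSA_BITS = 3072  # assumed local policy threshold, not from the article


def read_string(blob, offset):
    """Read one RFC 4251 'string': 4-byte big-endian length, then the bytes."""
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("field runs past end of blob")
    return blob[offset + 4:end], end


def parse_rsa_public_key(line):
    """Return (key_type, exponent, modulus_bits) for an 'ssh-rsa' key line."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    key_type, pos = read_string(blob, 0)
    if key_type != b"ssh-rsa" or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa key, or type mismatch with blob")
    e_bytes, pos = read_string(blob, pos)   # public exponent e
    n_bytes, pos = read_string(blob, pos)   # modulus n
    if pos != len(blob):
        raise ValueError("trailing bytes after modulus")
    return fields[0], int.from_bytes(e_bytes, "big"), int.from_bytes(n_bytes, "big").bit_length()


def audit(line, min_bits=MIN_RSA_BITS):
    """Return (modulus_bits, meets_policy) for one public key line."""
    _, _, bits = parse_rsa_public_key(line)
    return bits, bits >= min_bits


if __name__ == "__main__":
    print(audit(ARTICLE_KEY))
```
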

The private key typically has a PEM form:

-----BEGIN PRIVATE KEY…


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.