There are two primary authentication methods for logging onto an SSH server as a user. The first is password-based authentication, and the second is public key authentication. The public/private RSA key pair for public key authentication can be created using OpenSSH’s “ssh-keygen” application.
I’m not going to go into the exact method of accomplishing this because instructions can be found in countless other places on the internet. However, I was curious yesterday as to what exactly was in the public key (.pub) files created by ssh-keygen, as the data payload was larger than I expected (2232 bits for a 2048-bit key). I couldn’t find documentation on this ANYWHERE on the internet, so I downloaded the OpenSSH source code and looked at the code that generates the files. The format of the files is as follows:
- The public key files are ASCII based text files with each public key taking up exactly one line.
Each line is formatted with 2 pieces of data, KEY_TYPE and DATA_PAYLOAD, separated by a space:
- KEY_TYPE is the type of public key, which in our case (and most cases nowadays) is “ssh-rsa”.
- DATA_PAYLOAD contains the actual public key information encoded in base64 with the following format:
| Type | Byte length | Name | Description | Default value |
|---|---|---|---|---|
| unsigned int | 4 | KEY_TYPE_LENGTH | Length of the next entry | 7 |
| String | See previous | KEY_TYPE | See above | ssh-rsa |
| unsigned int | 4 | E_LENGTH | Length of the next entry | 3 |
| BigInt | See previous | e | The public exponent in RSA | 65537 |
| unsigned int | 4 | N_LENGTH | Length of the next entry | KEY_BIT_SIZE/8 (optionally +1) |
| BigInt | See previous | n | The “modulus for both the public and private keys” in RSA | Key dependent |
I also checked PuTTY public key authentication files and they seemed to contain the exact same DATA_PAYLOAD.
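As an added example (not code from the post or from OpenSSH), here is a small encoder and parser for the line format described above. It builds a line from a constructed modulus (a 2048-bit odd integer with its top bit set, not a real RSA key) and parses it back with length checks on each field; the leading 0x00 byte that the encoder adds when the modulus's top bit is set is the "optionally +1" in the table, and it is why a 2048-bit key yields a 279-byte (2232-bit) payload.

```python
import base64
import struct

# Constructed sample values: SAMPLE_N is NOT a real RSA modulus, just a
# 2048-bit odd integer with the top bit set so it looks like one on the wire.
SAMPLE_E = 65537
SAMPLE_N = (1 << 2047) | (1 << 1000) | 0x10001

def encode_mpint(value):
    """SSH BigInt: big-endian bytes, with a leading 0x00 when the top bit is set."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw  # the "optional +1" byte for an n of KEY_BIT_SIZE bits
    return raw

def encode_string(data):
    """4-byte big-endian length prefix followed by the raw bytes."""
    return struct.pack(">I", len(data)) + data

def build_rsa_pubkey_line(e, n):
    payload = (encode_string(b"ssh-rsa")
               + encode_string(encode_mpint(e))
               + encode_string(encode_mpint(n)))
    return "ssh-rsa " + base64.b64encode(payload).decode("ascii")

def read_string(buf, offset):
    """Read one length-prefixed field, refusing lengths that run past the buffer."""
    if offset + 4 > len(buf):
        raise ValueError("truncated length field")
    (length,) = struct.unpack(">I", buf[offset:offset + 4])
    offset += 4
    if offset + length > len(buf):
        raise ValueError("length field runs past end of payload")
    return buf[offset:offset + length], offset + length

def parse_rsa_pubkey_line(line):
    fields = line.strip().split()
    if len(fields) < 2:
        raise ValueError("expected 'KEY_TYPE DATA_PAYLOAD'")
    key_type, payload = fields[0], base64.b64decode(fields[1], validate=True)
    inner_type, off = read_string(payload, 0)
    # The key type inside the payload must match the text field in front of it.
    if key_type != "ssh-rsa" or inner_type != key_type.encode("ascii"):
        raise ValueError("unsupported key type or type mismatch")
    e_bytes, off = read_string(payload, off)
    n_bytes, off = read_string(payload, off)
    if off != len(payload):
        raise ValueError("trailing bytes after modulus")
    return {"type": key_type, "e": int.from_bytes(e_bytes, "big"),
            "n": int.from_bytes(n_bytes, "big"), "payload_bits": len(payload) * 8}
```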