How to use sshpk - 10 common examples
To help you get started, we’ve selected a few sshpk examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
tessel / t2-cli / lib / tessel / provision.js View on Github 
return new Promise(function(resolve, reject) {
if (Tessel.isProvisioned()) {
return resolve();
}
log.info('Creating public and private keys for Tessel authentication...');
// Generate SSH key
var key = new RSA({
b: 2048
});
var privateKey = key.exportKey('private');
var publicKey = sshpk.parseKey(key.exportKey('public'), 'pem').toString('ssh') + '\n';
// Make sure dir exists
fs.ensureDir(path.dirname(keyFile), function(err) {
if (err) {
return reject(err);
}
// Put SSH keys for Tessel in that folder
// Set the permission to 0600 (decimal 384)
// owner can read and write
var fileOptions = {
encoding: 'utf8',
mode: 0o600,
};
async.parallel([
(cb) => fs.writeFile(keyFile + '.pub', publicKey, fileOptions, cb), (cb) => fs.writeFile(keyFile, privateKey, fileOptions, cb),async function startServer() {
await appsRepository.refresh();
const app = express();
const publicKey = sshpk
.parseKey(await fs.readFile(gitRepositoryConfig.publicKey), 'auto')
.toBuffer('pem');
app.use(requestLogger);
app.use(configurePassport(publicKey, appsRepository));
app.use(express.json()); // for parsing application/json
app.use(express.urlencoded({ extended: true })); // for parsing application/x-www-form-urlencoded
app.get('/version', (req, res) => res.send(process.env.npm_package_version));
app.get('/health', (req, res) => res.status(200).json({}));
app.use(
'/api',
auth,
routes({
tagsRepository,
keysRepository,
appsRepository,
policyRepository,const getSignatoryNodeFromCertificate = async (certBase64: string) => {
const cert = sshpk.parseCertificate(Buffer.from(certBase64, "base64"), "pem");
if (!cert) {
throw new Error("Unable to parse Corda certificate");
}
if (!cert.subjects || !(cert.subjects instanceof Array) || cert.subjects.length === 0) {
throw new Error("No subject found in X.509 certificate");
}
// Filter out the Organization components ('O' attribute)
const subjectComponents = cert.subjects[0].components.filter((subject) => subject.name === "o");
if (!subjectComponents || subjectComponents.length === 0) {
throw new Error("No subject found in X.509 certificate with 'O' (Organization) attribute");
}
return subjectComponents[0].value;
};it('should resolve a remote file public key', async () => {
const keyId = '/pl/useast1/keyId'
const scope = nock('https://key.smartthings.com')
.get(keyId)
.reply(200, publicCert)
const authorizer = new Authorizer()
const actualPublicKey = await authorizer.getKey(keyId)
const isKey = sshpk.Key.isKey(actualPublicKey, [1, 1])
assert.strictEqual(isKey, true)
scope.done()
})async.eachLimit(records, 10,function(record, recordCb) {
for (filter in callObj.filterKey){
if(callObj.filterConfig && callObj.filterConfig[filter]) {
parameters[callObj.filterKey[filter]] = OracleConfig[callObj.filterValue[filter]];
} else {
parameters[callObj.filterKey[filter]] = record[callObj.filterValue[filter]];
}
}
try {
OracleConfig.privateKey = sshpk.parsePrivateKey(OracleConfig.keyValue, 'pem');
assert.ok(sshpk.PrivateKey.isPrivateKey(OracleConfig.privateKey, [1, 2]),
'options.key must be a sshpk.PrivateKey');
(!OracleConfig.RESTversion ? OracleConfig.RESTversion = '/20160918' : false )
} catch (e) {
console.log('Could not read the Oracle Private Key.');
}
if (callObj.restVersion ||
callObj.restVersion == '') {
OracleConfig.RESTversion = callObj.restVersion;
};
oci(callObj.api, oracleService, callKey, OracleConfig, parameters, function(result) {
if (result.code) {
aggregatedErrors.push(result);
}
//console.log('\n' + require('util').inspect(result, {depth: null}));
if (result &&callback(aggregatedErrors, aggregatedResults);
});
}
ociMany(callObj, OracleConfig);
} else {
for (filter in callObj.filterKey){
if(callObj.filterLiteral && callObj.filterLiteral[filter]) {
parameters[callObj.filterKey[filter]] = callObj.filterValue[filter];
} else {
parameters[callObj.filterKey[filter]] = OracleConfig[callObj.filterValue[filter]];
}
}
try {
OracleConfig.privateKey = sshpk.parsePrivateKey(OracleConfig.keyValue, 'pem');
assert.ok(sshpk.PrivateKey.isPrivateKey(OracleConfig.privateKey, [1, 2]),
'options.key must be a sshpk.PrivateKey');
(!OracleConfig.RESTversion ? OracleConfig.RESTversion = '/20160918' : false )
} catch (e) {
console.log('Could not read the Oracle Private Key.');
}
if (callObj.restVersion ||
callObj.restVersion == '') {
OracleConfig.RESTversion = callObj.restVersion;
};
return oci(callObj.api, oracleService, callKey, OracleConfig, parameters, function(result) {
if (result.code) {
return callback(result);
}const { gitOpsInput } = args;
const { publicKey, privateKey } = generateKeyPairSync("rsa", {
modulusLength: 4096,
publicKeyEncoding: {
type: "pkcs1",
format: "pem",
},
privateKeyEncoding: {
type: "pkcs1",
format: "pem",
},
});
const params = await Params.getParams();
const parsedPublic = sshpk.parseKey(publicKey, "pem");
const sshPublishKey = parsedPublic.toString("ssh");
const encryptedPrivateKey = await kotsEncryptString(params.apiEncryptionKey, privateKey);
await stores.kotsAppStore.createGitOpsRepo(gitOpsInput.provider, gitOpsInput.uri, gitOpsInput.hostname, encryptedPrivateKey, sshPublishKey);
return true;
},sshKeyToPEM: function sshKeyToPEM(key) {
assert.string(key, 'ssh_key');
var k = sshpk.parseKey(key, 'ssh');
return (k.toString('pem'));
},const toFingerprint = sshKey => {
try {
return sshpk
.parseKey(sshKey, 'ssh')
.fingerprint()
.toString();
} catch (e) {
logger.error(`Invalid ssh key: ${sshKey}`);
}
};function verifyKey(_, cb) {
var key;
try {
key = sshpk.parseKey(ufdsKey.pkcs);
} catch (err) {
log.error({err: err, login: login, key: ufdsKey.fingerprint},
'failed to parse pkcs key from UFDS');
cb(new errors.UnauthorizedError());
return;
}
/*
* Check the actual signature on the certificate -- this will prevent
* MD5 collisions from authing the key in the self-signed case,
* and will do the actual validation in the account-key-signed case.
*/
if (cert.isSignedByKey(key)) {
authCache.set(login, peerKeyFp);
cb();
} else {
log.info({login: login, authn: true},sshpk
A library for finding and using SSH public keys
