Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UX: no way to get public key from private key #122

Closed
mgrandi opened this issue May 13, 2020 · 4 comments
Closed

UX: no way to get public key from private key #122

mgrandi opened this issue May 13, 2020 · 4 comments
Milestone

Comments

@mgrandi
Copy link

mgrandi commented May 13, 2020

there seems to be no way to generate the public key from the private key given the current options available to age-keygen and age, I was wondering if it was worth having this (if it is possible, i am ignorant in this field) in case you ever lose the "public" part of the key

for example, ssh can do this via

ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub

is this useful to add?

@alerque
Copy link
Contributor

alerque commented May 14, 2020

I don't know whether the underlying cryptography is age's case would even support this, but if it does and there is a way to derive the public key from the private key that would be a useful addition to the UI.

Another example of this usage would be WireGuard. First you generate the private key using wg genkey, only then can you even generate a public key by passing the private key to wg pubkey. You could compose this to output both keys at once, say by wg keygen | tee /dev/stderr | wg pubkey, but the separate steps are both convenient and make it super clear what key you are outputting when.

I would suggest this two step process of outputting keys is a better way to resolve the current situation where one is sent to a file and the other is output to the terminal. It's of course possible to capture both with the current system but it requires a little more understanding of the shell and is more open to confusion.

@dsprenkels
Copy link
Contributor

I am interested in implementing this!

My current idea is to expand age-keygen:

Usage of ./age-keygen:
  -o FILE
        output to FILE (default stdout)
  -p, --pubkey KEY
        Read the private key file at path KEY and print the corresponding public key.

@mgrandi
Copy link
Author

mgrandi commented Sep 29, 2020

Sounds good, except the name of the argument being pubkey sounds a bit confusing

@dsprenkels
Copy link
Contributor

Sounds good, except the name of the argument being pubkey sounds a bit confusing

It was based on wireguard's wg pubkey command. I'm open to suggestions! :)

dsprenkels added a commit to dsprenkels/age that referenced this issue Sep 29, 2020
FiloSottile added a commit that referenced this issue Mar 10, 2021
Copied -y from ssh-keygen. Copied the INPUT as only optional argument
from cmd/age.

Fixes #122
Closes #146
@FiloSottile FiloSottile added this to the v1.0.0 milestone Apr 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants