I have an RSA key (generated by PuTTYgen) that's set up for logging in to a bunch of machines via SSH. Or rather, i HAD such a key. (The computer it was on crashed, to the point that a reinstall of XP was required. The private key file is encrypted by the file system, and now that it's basically on what looks like a whole other OS and user, whatever XP would do to decrypt the key apparently can't be done anymore.)
What i have left is an OpenSSL-compatible base64 of the public key (from one of the machines still set up to accept passwords), and of course the passphrase to the key. I might(!) still have an old backup of the registry from before the machine died as well, but would have to search for it. Either way, it sounds like it might not be possible to recover the key file itself. (If it is possible, that'd be great. But the prospects aren't looking good so far.)
Is there any way to recover the private key, if i can't recover the actual file that contained it? Perhaps by importing the public key into PuTTYgen or openssl and doing some reverse thing on it? Contacting all the admins involved and sending them new keys could be a pain, so that's pretty much a last resort.
7
-
1
No. From what I know, you're SOL.
–user3914
Sep 22, 2010 at 17:40
-
How exactly was your XP box encrypted? Where you using EFS, or Truecrypt, or something else?
Sep 22, 2010 at 17:51
-
@Zoredache: It was encrypted with EFS, i assume. (I just checked the box in the file attributes that said "Encrypt this file to secure data" or something like that.)
–cHao
Sep 22, 2010 at 17:54
-
@cHao, was this computer on a domain with Active Directory Certificate services running? If so, your domain admin might have a key to recover the EFS encrypted files with.
Sep 22, 2010 at 18:14
-
1
And you didn't backup your EFS certificates? If you use EFS again please read up about the EFS Best practices
Sep 22, 2010 at 18:37
| Show 2 more comments
Presently the only way of "recovering" the Private key from the Public key is by exhaustive search (brute force). The system was specifically designed this way so that you could issue your public key to anyone without worrying about them being able to figure out your private key.
Edit:
Warning! Simplified explanation ahead!
Assuming you had RSA keys (the most common), the public key has two number in it: n and e. The private key has the same n, and another number d. Originally there were two huge prime numbers p and q which were used to calculate n, d, and e so that n and e could encrypt a text; n and d could decrypt the cyphertext. You have n and e. You can factor n to figure out p and q; the problem is that n is a freaking huge number with tons of possible p and q numbers. Currently there is no known way to do this quickly; I'm not sure if hackers have even bothered with writing tools to try. So in essence, no it's realistically not possible.
When you assign a passphrase to a key, it just does a simple encryption on the private key stored on your computer. The public key isn't affected at all by this. The passphrases are relatively easy to break compared to the private key itself; so this should not be relied on for primary security (you should keep your private key in safe places only).
answered Sep 22, 2010 at 17:46
Chris SChris S
77.8k1111 gold badges123123 silver badges216216 bronze badges
3
-
So there's way more difference between the keys than just the passphrase used to encrypt them?
–cHao
Sep 22, 2010 at 17:50
-
The passphrase is only there to protect your private key from being stolen or tampered with. The publik/private keypair are used as part of public key cryptography
Sep 22, 2010 at 17:59
-
@cHao, see my edit. Also, the passphrase only protects the private key, it doesn't do anything to the public key.
Sep 22, 2010 at 18:04
Add a comment |
I'm pretty sure there's no way of recovering the private key if you have the public key - this would be a big security risk otherwise, because anyone with a public key would then be able to determine the private key from it.
3
-
If i don't care about the old key, and just want another that can map to the same public key...same problem?
–cHao
Sep 22, 2010 at 17:48
-
1
Yep. Public keys can be publicly available. So if I had a public key which you knew, and you could create a private key which mapped to my public key, you could pretend to be me, and therefore get access to anywhere using my keys for authentication, e.g. my servers.
Sep 22, 2010 at 17:53
-
1
That's called a "key collission" and it's a very bad thing in cryptography, to the point where any algorithm that shows signs of it is pretty much immediately disqualified from use.
Feb 6, 2016 at 14:36
Add a comment |
If I understand correctly, you want to generate a compatible private key from the public key. If this was possible, the whole system would be pointless. If you do manage it, I'd like to know how to I generate my bank's private key from their SSL certificate.
6
-
3
If PuTTY has stored the key in the registry, it will be under HKEY_CURRENT_USER\Software\SimonTatham\PuTTY - if you have a system state backup you might not be as SOL as it first looked.
Sep 22, 2010 at 17:57
-
-
@cHao, yes; you can load the hive using regedit and navigate to that key to see if it's there.
Sep 22, 2010 at 18:05
-
All i see in there are public keys for servers i've connected to, and session settings. The session settings don't seem to have keys set in them...but...LOL! The default settings point to an unencrypted file in \Program Files\PuTTY!
–cHao
Sep 22, 2010 at 18:13
-
Guess i wasn't protecting stuff as much as i thought i was. :) Oh well. That tip to look in the old registry helped a lot.
–cHao
Sep 22, 2010 at 18:30
| Show 1 more comment
It is absolutely impossible to recover a private key from a public key. You can generate a public from a private, but not the other way around. It is completely impossible, and is also the point of asymmetrical encryption.
8
-
1
I wouldn't say "completely impossible". Anything's possible given enough time and CPU power. :) But yeah, i could definitely see it being infeasible.
–cHao
Sep 22, 2010 at 17:58
-
4
-
1
It's not impossible, just Very Hard and it's designed to be hard. Periodically there are improvements in the quality of the attacks that can be brought to bear, and computers are always getting harder and faster, so the key length is made longer. PGP users used to use 512 bit RSA keys, and now 1024 is far more common. Statements of impossibility lead to over-confidence and hubris. Just settle for "designed to be far harder than you should be able to achieve".
Oct 13, 2010 at 22:00
-
You are wrong to say that you can generate a public key from a private; this is equally difficult.
Feb 17, 2011 at 22:00
-
1
@MadHatter: Private key files tend to have enough info in them to recreate the public key. (OpenSSH files do, at least, and it'd seem Putty's PPK files do too.) While you can't take the actual key and derive the public key from it, if you have the key file, it apparently contains the private key plus the numbers used to generate both keys.
–cHao
Nov 21, 2011 at 21:04
| Show 3 more comments
The only thing you can do quickly is generate a new set of private and public key sets and replace the public keys on the servers you are trying to access, however, to do this you must have physical access to the servers that you had the public keys stored on before.
If you don't have physical access to the machines it will be virtually impossible for you.
Also, even if you have physical access to the servers, if the hard drives or the area where the keys were stored are encrypted, again, it will be virtually impossible for you.
Doug Pan
Add a comment |
Not the answer you're looking for? Browse other questions tagged
Not the answer you're looking for? Browse other questions tagged