SSH public key parser
Project description
Native implementation for validating OpenSSH public keys.
Currently ssh-rsa, ssh-dss (DSA), ssh-ed25519 and ecdsa keys with NIST curves are supported.
Installation:
pip install sshpubkeys
or clone the repository and use
python setup.py install
Usage:
import sys
from sshpubkeys import SSHKey
ssh = SSHKey("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQCxO38tKAJXIs9ivPxt7AY"
"dfybgtAR1ow3Qkb9GPQ6wkFHQqcFDe6faKCxH6iDRteo4D8L8B"
"xwzN42uZSB0nfmjkIxFTcEU3mFSXEbWByg78aoddMrAAjatyrh"
"H1pON6P0= ojarva@ojar-laptop", strict_mode=True)
try:
ssh.parse()
except InvalidKeyException as err:
print("Invalid key:", err)
sys.exit(1)
except NotImplementedError as err:
print("Invalid key type:", err)
sys.exit(1)
print(ssh.bits) # 768
print(ssh.hash_md5()) # 56:84:1e:90:08:3b:60:c7:29:70:5f:5e:25:a6:3b:86
print(ssh.hash_sha256()) # SHA256:xk3IEJIdIoR9MmSRXTP98rjDdZocmXJje/28ohMQEwM
print(ssh.hash_sha512()) # SHA512:1C3lNBhjpDVQe39hnyy+xvlZYU3IPwzqK1rVneGavy6O3/ebjEQSFvmeWoyMTplIanmUK1hmr9nA8Skmj516HA
print(ssh.comment) # ojar@ojar-laptop
print(ssh.options) # None (optional options at the beginning of public key. You may want to check for these if you're validating user-submitted keys.)
Options
strict_mode: if set to True, disallows keys OpenSSH’s ssh-keygen refuses to create. For instance, this includes DSA keys where length != 1024 bits and RSA keys shorter than 1024-bit. If set to False, tries to allow all keys OpenSSH accepts, including highly insecure 1-bit DSA keys.
Exceptions
NotImplementedError if invalid ecdsa curve or unknown key type is encountered.
- InvalidKeyException if any other error is encountered:
TooShortKeyException if key is too short (<768 bits for RSA, <1024 for DSA, <256 for ED25519)
TooLongKeyException if key is too long (>16384 for RSA, >1024 for DSA, >256 for ED25519)
InvalidTypeException if key type (“ssh-rsa” in above example) does not match to what is included in base64 encoded data.
MalformedDataException if decoding and extracting the data fails.
Tests
See “tests/” folder for unit tests. Use
python setup.py test
or
python3 setup.py test
to run test suite. If you have keys that are not parsed properly, or malformed keys that raise incorrect exception, please send your public key to olli@jarva.fi, and I’ll include it. Alternatively, create a new issue or make a pull request in github.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for sshpubkeys-2.1.0-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7afc9b68a832a31750f94b2990c9d97f2d457be50a731fd03cb2fbf1ea77b2df |
|
| MD5 | f11860f6cc714bffdfc7192d3d90f606 |
|
| BLAKE2b-256 | e084f6f0f977b81453ae362d3c48d6e05b6f31f2692aa5bd8402253540789e6b |
