275

Let's suppose I have a SSH key, but I've deleted the public key part. I have the private key part. Is there some way I can regenerate the public key part?

Amandasaurus
  • 30,211
  • 62
  • 184
  • 246

2 Answers2

332

Use the -y option to ssh-keygen:

ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub

From the 'man ssh-keygen'

 -y      This option will read a private OpenSSH format file and print an
         OpenSSH public key to stdout.

Specify the private key with the -f option, yours might be dsa instead of rsa. The name of your private key probably contains which you used. The newly generated public key should be the same as the one you generated before.

Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
  • 8
    Why the "-t dsa"? Mayge the OP's key is rsa? I'd get rid of -t and instead use a -f. – innaM Aug 10 '09 at 14:44
  • 1
    Good point, updated accordingly – Kyle Brandt Aug 10 '09 at 14:52
  • yeah mine originally was RSA. – Amandasaurus Aug 10 '09 at 15:19
  • 1
    On Mac OSX 10.9.3 Mavericks I'm getting 'load failed' after running the command. How do I solve this? – Hyperfocus Jun 08 '14 at 18:02
  • 1
    I think you might take this one step further with the -N parameter in case the private key is password protected: `ssh-keygen -f ~/.ssh/id_rsa -y -N "$PASSWORD" > ~/.ssh/id_rsa.pub` – ken Oct 07 '14 at 12:28
  • @ken - surely it's a bit of a risk to enter your password at the shell prompt like that (it will be kept in the shell history, etc.), let alone storing it as an environment variable ($PASSWORD)? – Robert Muil Jun 30 '15 at 12:26
  • @RobertMuil It's ok, don't worry. For one thing, unless you `export`, other processes cannot see the variable. And you can use `read -s PASSWORD` to enter it without storing in shell history. – kubanczyk Nov 21 '15 at 10:01
  • Just saved me from creating new key pair by mistake reverted < with > on pb copy and boom key lost cat returned empty – silentsudo Dec 05 '18 at 10:22
  • @kubanczyk - the password would still be visible as a process when it was exported, so you're correct that the actual usage of the password would be safer, but the added steps before hand reduce this added security substantially! Much better to enter the password interactively. – Laice Aug 06 '22 at 21:30
7

Solution is specifically for users using Windows

Tool Used:

  • Puttygen (PuTTY Key Generator)
  • WinSCP

Steps to perform:

  1. Open PuTTY Key Generator.
  2. Load your private key (*.ppk file).
  3. Copy your public key data from the "Public key for pasting into OpenSSH authorized_keys file" section of the PuTTY Key Generator and paste the key data to the "authorized_keys" file (using notepad) if you want to use it.

Snapshot showing portions of Puttygen to focus:

Snapshot showing portions of Puttygen to focus

JonathanDavidArndt
  • 1,414
  • 3
  • 20
  • 29
devprashant
  • 171
  • 1
  • 4
  • Further reading: http://askubuntu.com/questions/53553/how-do-i-retrieve-the-public-key-from-a-ssh-private-key/700275#700275 – devprashant Nov 21 '15 at 10:07
  • Puttygen can also 'import' OpenSSH (really OpenSSL-legacy) and SSHCOM format privatekeys. And although originated on Windows, it has also been ported to Unix, and the Unix version of `puttygen` is a commandline (not GUI) program; see e.g. https://linux.die.net/man/1/puttygen – dave_thompson_085 Sep 06 '18 at 06:28