Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@microsoft/dev-tunnels-ssh-keys
Advanced tools
Readme
Enables importing and exporting SSH public and private keys in various formats. Password-protection of private keys is also supported when importing and exporting some formats.
SSH public key - Single line starting with a key algorithm name
such as ssh-rsa
, followed by base64-encoded key bytes, and an optional
comment. Files in this format typically end with .pub
.
PKCS#1 public or private RSA key - PEM-encoded keys in this format begin
with one of the following:
-----BEGIN RSA PUBLIC KEY-----
-----BEGIN RSA PRIVATE KEY-----
SEC1 private EC key - PEM-encoded keys in this format begin with:
-----BEGIN EC PRIVATE KEY-----
PKCS#8 public or private key - PEM-encoded keys in this format begin
with one of the following:
-----BEGIN PUBLIC KEY-----
-----BEGIN PRIVATE KEY-----
-----BEGIN ENCRYPTED PRIVATE KEY-----
JSON Web Key (JWK) - Key paramters are formatted as JSON.
Private keys in PKCS#1, SEC1, or PKCS#8 format may be passphrase-protected, meaning the private key is encrypted using an encryption key derived from a passphrase. (The encryption used by the PKCS#1/SEC1 formats is weak and no longer recommended.)
For the key formats that are typically PEM-encoded, the equivalent binary (DER) format is also supported.
Use importKey*
, exportPublicKey*
, and exportPrivateKey*
functions provided
by the library to import or export keys. When importing, the key format can be
auto-detected in most cases.
// Import my password-protected RSA private key from a file.
const privateKey: KeyPair = importPrivateKeyFile('.ssh/id_rsa', myPassword);
// Use the private key for client public key authentication.
const session: SshClientSession = ...
const credentials: SshClientCredentials = { username, publicKeys: [ privateKey ] };
const result: boolean = await session.authenticate(credentials);
When exporting, you can specify the format, and optionally supply a password for encrypting the key. The default format is PKCS#8 because it has broad support and strong encryption when using password protection.
FAQs
SSH key import/export library for Dev Tunnels
The npm package @microsoft/dev-tunnels-ssh-keys receives a total of 941 weekly downloads. As such, @microsoft/dev-tunnels-ssh-keys popularity was classified as not popular.
We found that @microsoft/dev-tunnels-ssh-keys demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.