I manage a virtual office and our staff uses both SSH keys and passwords for authentication. If one of our staff forgets his password, is there a way to encrypt a temporary password using his public RSA ssh key so I can send it to him via e-mail?
I've seen other questions related to this one, however the "answers" generally recommend against using the public/private SSH keys to perform general encryption/decryption and do not actually state if this is possible. I would like to know if it is indeed possible and what are the steps to encrypt and then decrypt the password.
Best Answer
I finally found how to convert an OpenSSH public key to PEM format on a blog and was able to successfully encrypt and decrypt a string using my private/public key.
I've outlined the steps I used to perform the encryption and decryption.
To encrypt a string:
To decrypt a string (from file):
Since my goal is to e-mail the password, I've written an extremely basic script to automate things a bit:
I can then send the output of the script in an e-mail for the user to decrypt.
The complete script is available on Github: https://gist.github.com/3078682