我想启动一个WindowsEC2实例,并使用Python以编程方式获取管理员密码。我知道这可以通过像这样的CLI来完成,但我更愿意在本地解密,以避免通过internet发送私钥
aws ec2 get-password-data --instance-id i-0d4d8273cadcae0a0 --priv-launch-key .ssh/elliott2.pem
在阅读Cryptodome文档后,我试着这样做:
import boto3
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
ec2 = boto3.resource('ec2', 'us-west-2')
i = ec2.Instance('i-028dee2acb533fc59')
encrypted_str = i.password_data()['PasswordData']
with open('mykey.pem') as fp:
key = RSA.importKey(fp.read())
cipher = PKCS1_OAEP.new(key)
print(cipher.decrypt(enc_str))
此操作失败并出现错误:
Traceback (most recent call last):
File "test.py", line 14, in <module>
print(cipher.decrypt(encrypted_str))
File "/Users/elliott/Library/Python/3.8/lib/python/site-packages/Crypto/Cipher/PKCS1_OAEP.py", line 167, in decrypt
raise ValueError("Ciphertext with incorrect length.")
ValueError: Ciphertext with incorrect length.
我认为cipherkey
必须正好是256字节。但是密码数据比这个长,所以我不知道该怎么办
目前没有回答
相关问题 更多 >
编程相关推荐