How to retrieve RSA private key when creating keypair using Compute API?

asked 2015-02-10 15:12:14 -0600

zxcviii gravatar image

updated 2015-02-10 15:13:07 -0600

I'm currently writing a simple UI for doing a limited set of actions in Openstack and I've become stuck on allowing the user of the interface to make a call to create a keypair, and then get a .pem file in return with their private key.

As far as I'm aware the POST/v2/​{tenant_id}​/os-keypairs only returns a response with the public key, fingerprint,name and user id. I'm a novice with this type of security so I may be missing something straightforward, but any advice on how to handle keypair creation in this way would be appreciated!

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2015-02-10 19:29:45 -0600

larsks gravatar image

When you have questions about the Nova API, one of the best things you can do is run the nova command line client with the --debug flag, which will show you exactly what requests are being made. For example, if you run:

nova --debug keypair-create testkey

You see that it makes a POST to the /v2/<tenant_id>/os-keypairs endpoint:

curl -i '' -X POST [...]
  -d '{"keypair": {"name": "testkey"}}'

And that it gets back a JSON response containing both a public_key and private_key keys:

  "keypair": {
    "fingerprint": "20:41:b0:e1:0d:df:3e:00:b3:c0:8d:37:a8:a2:dd:f0",
    "name": "testkey",
    "user_id": "564bafe6f37f4d88bd028c12d47d6dde",
    "private_key": "-----BEGIN RSA PRIVATE KEY-----...",
    "public_key": "ssh-rsa ...",

And this is hopefully exactly what you need.

edit flag offensive delete link more


Fantastic, thank you so much. It didn't occur to me to try the actual POST as opposed to relying on documentation to be accurate. Highly appreciate your advice.

zxcviii gravatar imagezxcviii ( 2015-02-10 20:10:58 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-02-10 15:12:14 -0600

Seen: 6,190 times

Last updated: Feb 10 '15