So how do you validate a public key programmatically? I’ve had this question when I had to implement a feature in one of our application. It is possible using the ssh-keygen
utility.
ssh-keygen -lf publickey.pub
Here,
-l Show fingerprint of key file.
-f filename Filename of the key file.
The hack is to check the fingerprint of the public key. If you get an error when trying get the fingerprint of the public key, that means the public key is invalid. If you get it, you have a valid public key!