RSA - Can you create a public key from a private key?

Depends on the algorithm. With RSA, you cannot, with EC you can. However, the public key is usually always stored together with the private key (not the other way around, though, of course), so this is not really a problem (if you have the private key, the same file also includes the public key).


Private and public key are created together. Also, the standard storage format for a RSA private key includes all the public key fields, because it is useful for optimized implementations and masking (protection against some side-channel attacks). See the RSA standard itself: PKCS#1.

Edit: question has been edited, it was originally RSA-only. For other asymmetric algorithm, there is no requirement that the public key may be derived from the private key, nor is there any requirement of the contrary. For discrete logarithm-based algorithms (Diffie-Hellman, El-Gamal, DSA, and the elliptic curve variants of all of these), the public key is easily computed from the private key. It is possible to conceive a degenerate RSA in which knowledge of the private key does not allow reconstruction of the public key, but this requires not storing a few key elements which are needed for good performance (in full details, storing the RSA modulus factors allows for a 4x speed enhancement through the Chinese Remainder Theorem, so everybody stores the factors). On a more conceptual basis, the public key is, well, public, so it is assumed that "everybody" knows it; in practical terms, private key storage format almost always include provisions for storing the public key as well, or at least sufficient data to rebuild the public key.


Yes, you can do this (for some, probably not all, pkc schemes). From the ssh-keygen man file:

-y Read private key file and print public key.