Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Openssh Private Key to RSA Private Key

(I am using MAC)

My id_rsa starts with

-----BEGIN OPENSSH PRIVATE KEY----- 

but I expect it to starts with

-----BEGIN RSA PRIVATE KEY----- 

I have send my id_rsa.pub to server administrator to get the access to server, so I don't want to generate a new key.

  1. Is there any way that I can transfer my id_rsa which is a openssh private key to a RSA private key? (command please.)

  2. If I can transfer, do I also need to transfer id_rsa.pub? (command please.) It seems id_rsa.pub doesn't have a header like id_rsa, so I am not sure if I should also transfer this.

Thank you!

like image 729
Eleanor Avatar asked Mar 05 '19 02:03

Eleanor


People also ask

How do I convert an OpenSSH private key to an RSA private key?

install putty: sudo apt install putty. install puttygen: sudo apt install putty-tools. convert the private key to the intermediate format SSHv2: puttygen yourkey -O private-sshcom -o newkey. convert it back to RSA/PEM: ssh-keygen -i -f newkey > newkey_in_right_format.

What is difference between RSA private key and private key?

RSA key is a private key based on RSA algorithm. Private Key is used for authentication and a symmetric key exchange during establishment of an SSL/TLS session. It is a part of the public key infrastructure that is generally used in case of SSL certificates.

What is OpenSSH private key format?

So, the OpenSSH private key format ultimately contains a private key encrypted with a non-standard version of PBKDF2 that uses bcrypt as its core hash function. The structure that contains the key is not ASN. 1, even though it's base64 encoded and wrapped between header and footer that are similar to the PEM ones.


1 Answers

You have an OpenSSH format key and want a PEM format key. It is not intuitive to me, but the suggested way to convert is by changing the password for the key and writing it in a different format at the same time.

The command looks like this:

ssh-keygen -p -N "" -m pem -f /path/to/key 

It will change the file in place, so make a backup of your current key just in case. -N "" will set the passphrase as none. I haven't tested this with a passphrase.

The public key should be fine as is.

For full explanation of the above command, see the -m option here: https://man.openbsd.org/ssh-keygen#m

like image 66
Tad M. Avatar answered Sep 21 '22 00:09

Tad M.