I’ve generated a Linux Instance in the Oracle Cloud. Locally I work on Windows-10 Client computer. During generation of the Linux Instance Private and Open-SSH public keys have been generated in Linux and been downloaded to local windows, too.
With this now
1.) Private keys in Open-SSH format are stored on both windows and linux and kept secret
2.) I can login from into Linux using the public key with this
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command ssh -i D:\wrk\ssh-key-2020-08-01.key opc@xxx.xx.xx.xxx.
Connection is established, thus key validation is successful.
Now I need a SFTP GUI Client on window for file exchange.
I tried WinSCP or Filezilla. Both tool require the privat key either in PPK or PEM format. The private key file provided by OCI/oracle [always free version, thus no support from oracles side to be expected] has .KEY file extension and has openSSH format, guess it's SSH2.
<edit added in response to comment of Martin Prikryl>
Actually WinSCP does try to handle my private openSSH Keyfile by offering to convert it to Putty format. Trying to convert WinScp then signals an error: "unrecogniszed key type". Anyhow my openSSH Pub/key-keypair has proven to work with a key-exchange over a SSH-Console connection.
</edit added in response to comment of Martin Prikryl>
Need to work on the existing private key, because I don't see a way to exchange any files between the Clound/Linux and my local Client/Windows-10. Thus I can't transfer any newly created secret private key files in PEM or PPK-Format from linux to windows or vice versa, without a FSTP connection.
Thus my question
How can I convert the openSSH private key in windows into PEM or PPK Format – when I get the error "unrecognised key type" while trying to do so with WinSCP?
additional info
Trying to come close to the request of @Martin Prikryl:
I created another LINUX instance with its own SSL-keypair and publish this here. The instance will be disposed later, thus I guess there is no need for privacy of this instance.
powershell>openssl rsa -check -in ssh-key-trial.key RSA key ok writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAsUQnog4X8CramCQMGk9MHJ+43QSrIsUsTpvrSvYpS+PcJEWY
RhHMDJWnJmxj6qc44WZLU1dx/578X7UvARlVXRr7vEOW00ruk7TNViH1+1Qt2tkz
RI5VIhPvjeN4YKs7NfdLRQNB0hmMKavkkhyUHYQZozS/w6+ubyQA8+mydueocUG/
Z5PYQhxY+dxMauJs92lyIQNgcZfHFhhrfHDnipDFd3YHxI+RNPoTUrKAk6NgD4QB
R/XuV4pwjuo6F4Zjc+kxHRAIHJJuGyHtMI07NgvqyBvtD24exigxUxHBh0DQIe86
KxwqcqOzoUfqPwTta+d+/bEpwOAY6Zep9ETLywIDAQABAoIBAACfSIT/EIjHX1QM
pazC5krs5P7q7/osTKq/Kyg5gDwSyoHr0Yw+NuHWbQki7HWofgCV3iqM9IZhVaVf
r+6VJ9CEJaFSK8/9LoJUSBmxmH0zx70GAwMn485ocsW1F0G1vXx/gXqhCJkCwgMW
f82FOMJnOrskFluPLgCYMspkHW9Y78i/4m8m7ezclCRdu2rMJpTx9mmEZ4hHkfYN
z93kbOSGPRR1aJpfKEM5hQsd+jzQqzH7ETEGYequ9rPv4xBaEnrYLCkvVQ3r+TPY
RgqBXW+17+oJwwxok4kDsQBPoY8HbJGuhPTQOVBSZeHyA7g81rIIPC2xD9bQ+yYa
SwFJ/RUCgYEA1Vxkbuk8LGHQ29tz2a2EDw6Aw9prpmRJGbuDUowoqNSF3gRAbDEn
zjiLg6eHIG/XvQILOEKcG/xx+jzDw3ohceZxaWY0/QQoJsOSqwOn34o+Cq9JxlS8
z++iOcXZW5pyAjTPzZrtPbisOy9SugxwP9K2zP0nIvF3DZ+8Mx6dUO8CgYEA1LEl
5HdVsYZVIS6S1Jp1uSu056+X22tOVce/vB6WPNaKgoPEW+dcX0E6So4GlvBfkIYT
brzk4rdNFGLt0QyH9s1AgEcORDNHYZ9w93zBz4yZSFPLCzMnMA79shrkL8WnTJpW
UjBGYFdQrnukng4f5mNK8o5/foGibvJWk9Oe+uUCgYAP4kv70dNP/ow9Ae5zAy70
rAC8E/O1tHuYtdQF/jc8sm2w5KIjK9mpyZ3hVESEDq+B+7f4HUVf9ABMP9/XGq2I
vD4vOZOyTm/qyt6Nar1BsBoEU55rbH2OAWoTYP5Yinv4XBQoW2NUF/6CfXhsL2bf
6YEAa8xRFqblVcH+EEZn8wKBgQCDje66GXXPkB8nnv8CsWcPWZFTnLB47y5MsHhP
izux9aFGiOnzTm88G8RKSP6abaMuaT+rxvproKT0bxxZqT6P0PSMY2bXmEAWid/9
tBTMo1JMAkgcbU9X0m3os+lgAwkvwGaT/3gILvmgcqmneWURw2igDrOdM+GcbhhO
5x32YQKBgH04h5jE+AfK+Y+BzigpJIDwDvLjr6DzinW8rTzTT7bsqRg0TT85mvp+
qK9Ndn3aDClj6FgrYsn1xsHoEy2V/AkmFRuZiC44bouiAvAX06XBs5uOjS4tWD+5
7Fryt6MkS7UmBPYvYn2yhAPmg4v2cfyqFB7k8ZTdCX2uqJzubkiz
-----END RSA PRIVATE KEY-----
rsa -check on the original private keyfile says it's ok. WinScp, Putty and PuttyGen nevertheless don't accept it. Hope this supports my case.
@ Martin Prikryl
Yes, I just copied the output of the above <openssl rsa -check..>-command into the text compound above. Below you see the content of the original file ssh-key-trial.key.
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxRCeiDhfwKtqY
JAwaT0wcn7jdBKsixSxOm+tK9ilL49wkRZhGEcwMlacmbGPqpzjhZktTV3H/nvxf
tS8BGVVdGvu8Q5bTSu6TtM1WIfX7VC3a2TNEjlUiE++N43hgqzs190tFA0HSGYwp
q+SSHJQdhBmjNL/Dr65vJADz6bJ256hxQb9nk9hCHFj53Exq4mz3aXIhA2Bxl8cW
GGt8cOeKkMV3dgfEj5E0+hNSsoCTo2APhAFH9e5XinCO6joXhmNz6TEdEAgckm4b
Ie0wjTs2C+rIG+0Pbh7GKDFTEcGHQNAh7zorHCpyo7OhR+o/BO1r5379sSnA4Bjp
l6n0RMvLAgMBAAECggEAAJ9IhP8QiMdfVAylrMLmSuzk/urv+ixMqr8rKDmAPBLK
gevRjD424dZtCSLsdah+AJXeKoz0hmFVpV+v7pUn0IQloVIrz/0uglRIGbGYfTPH
vQYDAyfjzmhyxbUXQbW9fH+BeqEImQLCAxZ/zYU4wmc6uyQWW48uAJgyymQdb1jv
yL/ibybt7NyUJF27aswmlPH2aYRniEeR9g3P3eRs5IY9FHVoml8oQzmFCx36PNCr
MfsRMQZh6q72s+/jEFoSetgsKS9VDev5M9hGCoFdb7Xv6gnDDGiTiQOxAE+hjwds
ka6E9NA5UFJl4fIDuDzWsgg8LbEP1tD7JhpLAUn9FQKBgQDVXGRu6TwsYdDb23PZ
rYQPDoDD2mumZEkZu4NSjCio1IXeBEBsMSfOOIuDp4cgb9e9Ags4Qpwb/HH6PMPD
eiFx5nFpZjT9BCgmw5KrA6ffij4Kr0nGVLzP76I5xdlbmnICNM/Nmu09uKw7L1K6
DHA/0rbM/Sci8XcNn7wzHp1Q7wKBgQDUsSXkd1WxhlUhLpLUmnW5K7Tnr5fba05V
x7+8HpY81oqCg8Rb51xfQTpKjgaW8F+QhhNuvOTit00UYu3RDIf2zUCARw5EM0dh
n3D3fMHPjJlIU8sLMycwDv2yGuQvxadMmlZSMEZgV1Cue6SeDh/mY0ryjn9+gaJu
8laT05765QKBgA/iS/vR00/+jD0B7nMDLvSsALwT87W0e5i11AX+NzyybbDkoiMr
2anJneFURIQOr4H7t/gdRV/0AEw/39carYi8Pi85k7JOb+rK3o1qvUGwGgRTnmts
fY4BahNg/liKe/hcFChbY1QX/oJ9eGwvZt/pgQBrzFEWpuVVwf4QRmfzAoGBAION
7roZdc+QHyee/wKxZw9ZkVOcsHjvLkyweE+LO7H1oUaI6fNObzwbxEpI/pptoy5p
P6vG+mugpPRvHFmpPo/Q9IxjZteYQBaJ3/20FMyjUkwCSBxtT1fSbeiz6WADCS/A
ZpP/eAgu+aByqad5ZRHDaKAOs50z4ZxuGE7nHfZhAoGAfTiHmMT4B8r5j4HOKCkk
gPAO8uOvoPOKdbytPNNPtuypGDRNPzma+n6or012fdoMKWPoWCtiyfXGwegTLZX8
CSYVG5mILjhui6IC8BfTpcGzm46NLi1YP7nsWvK3oyRLtSYE9i9ifbKEA+aDi/Zx
/KoUHuTxlN0Jfa6onO5uSLM=
-----END PRIVATE KEY-----
As I just found out now -File is a decrypted version of -File. My problem is/was that WinScp and PuttyGen can't handle the encrypted form of the file. <openssl rsa -check..>-command can decrypte the input and writes the decrypted version to the output.
This command decryptes the private key directly into the outputfile:
openssl rsa -in ssh-key-trial.key -out decrypted_ssh-key-trial.key
Using this file now with WinScp I get a connection the the Oracle Infrastructure Instance. Problem solved.
Problem cause is:
WinSCP and PuttyGen fail on conversion of openSSH private key (encrypted form) to PEM or PPK formtype on windows.
Solution: openSSH private key has to be decrypted first by SSH-Tool of windows-10.
WinScp, PuttyGen can't read open SSH in encrypted form, aka with fileheader <RSA PRIVATE KEY>
thus solution is:
decrypte the file to the form as show above. This format is understood by WinScp 5.17.7 (Build 10640), PuttyGen Rel 0.73
Thanks to @Martin Prikryl for your support in this desperate situation, which helped me to come to an end with this.
Best Answer
I had the same issue.
Generated ssh keys using rsa, 2048 and git bash.Using PuttyKey Gen to convert failed.
I then downloaded the latest version and it worked.
Version 0.74 according to help / about.
There is new functionality even though I've been using the same format for several years. Possibly Windows Git Bash uses new openssh or a newer process.