Is there a way to convert existing pair of OpenSSH keys to the SSH2 (ssh.com format) pair of keys?
UPD: since there are some answers about ssh-keygen
suddenly appeared, I'll explain where I came from (also it will be a nice answer on "what have you tried?").
$> diff --report-identical-files <(ssh-keygen -e -f ~/.ssh/id_dsa) <(ssh-keygen -e -f ~/.ssh/id_dsa.pub)
Files /tmp/zshAGGWAK and /tmp/zshPZiIr6 are identical
In other words, ssh-keygen
returns same keys for private and public input keys (hashes of original files are obviously different, I've checked them twice to ensure that they are valid private and public keys). It seems to be that ssh-keygen
generates only public key for private or public input key.
I'm doing it wrong or it is a normal behavior?
Best Answer
This tutorial titled: SSH: Convert OpenSSH to SSH2 and vise versa appears to offer what you're looking for.
Convert OpenSSH key to SSH2 key
Run the OpenSSH version of
ssh-keygen
on your OpenSSH public key to convert it into the format needed by SSH2 on the remote machine. This must be done on the system running OpenSSH.Convert SSH2 key to OpenSSH key
Run the OpenSSH version of
ssh-keygen
on your ssh2 public key to convert it into the format needed by OpenSSH. This needs to be done on the system running OpenSSH.The tutorial goes on to show how to both generate the various types of keys and how to export them to other formats.
Use this for private & public keys?
According to the man page, the answer would be a yes. Looking at the man page for
ssh-keygen
it states the following for the-e
switch:But in practice it would appear that
ssh-keygen
can't convert private keys, only public ones.For example:
Looking at the resulting extracted keys confirms this:
Googling a bit I came across this blurb from an article titled: How do you convert OpenSSH Private key files to SSH. The site seemed to be up and down but looking in Google's cache for this page I found the following blurb:
The article goes on to cover a method for converting a openssh private key to a ssh.com private key through the use of PuTTY's
puttygen
tool. NOTE:puttygen
can be run from Windows & Linux.Given the above I worked out the following using
puttygen
, using our previously generated private/public openssh key-pair:The commenting is different so you can't just compare the resulting files, so if you look at the first few lines of the keys, that's a pretty good indicator that the above commands were successful.
Comparison of public ssh.com keys:
Comparison of public openssh keys: