CODEWITHSUNDEEP
bashmacossshrsaopenssh
Eleanor
Eleanor

Reputation: 2847

Openssh Private Key to RSA Private Key

(I am using MAC)

My id_rsa starts with

-----BEGIN OPENSSH PRIVATE KEY-----

but I expect it to starts with

-----BEGIN RSA PRIVATE KEY-----

I have send my id_rsa.pub to server administrator to get the access to server, so I don't want to generate a new key.

  1. Is there any way that I can transfer my id_rsa which is a openssh private key to a RSA private key? (command please.)

  2. If I can transfer, do I also need to transfer id_rsa.pub? (command please.) It seems id_rsa.pub doesn't have a header like id_rsa, so I am not sure if I should also transfer this.

Upvotes: 158

Views: 232689

Answers (6)

jimh
jimh

Reputation: 1947

What has worked just fine for me in converting a private key to/from RSA to/from OpenSSH is simply changing the header and footer in vi from one format to another. E.g.: change the top from

-----BEGIN RSA PRIVATE KEY-----

to

-----BEGIN OPENSSH PRIVATE KEY-----

and the footer from

-----END RSA PRIVATE KEY-----

to

-----END OPENSSH PRIVATE KEY-----

Upvotes: -1

Claudio Kuenzler
Claudio Kuenzler

Reputation: 872

Some of the answers above didn't work and I actually ran into yet another problem when trying to create a RSA private key from the OpenSSH private key using ssh-keygen command: unsupported cipher 3des-cbc. A helpful gist for that problem can be found here: https://gist.github.com/twelve17/0449491d86158960fdb630160799ff23.

The following command worked for me to create a valid and working RSA private key from a (Putty on Windows generated) OpenSSH key using:

$ sudo apt install putty-tools
$ puttygen existing_key.ppk -o id_rsa -O private-openssh
# enter passphrase if needed

Upvotes: 1

jersey-ninja
jersey-ninja

Reputation: 1158

  1. Install and open puttygen
  2. Click on "Load an existing private key file"
  3. Click on menu item "Conversions" -> "Export OpenSSH key"
  4. Save file

Upvotes: 12

Tad M.
Tad M.

Reputation: 3358

You have an OpenSSH format key and want a PEM format key. It is not intuitive to me, but the suggested way to convert is by changing the password for the key and writing it in a different format at the same time.

The command looks like this:

ssh-keygen -p -N "" -m pem -f /path/to/key

It will change the file in place, so make a backup of your current key just in case. -N "" will set the passphrase as none. I haven't tested this with a passphrase.

The public key should be fine as is.

For full explanation of the above command, see the -m option here: https://man.openbsd.org/ssh-keygen#m

Upvotes: 253

BabaNew
BabaNew

Reputation: 976

You can achieve this easily if you can get your hands on a linux system. I am using ubuntu 18.04 and did the following:

  1. update packages: sudo apt update
  2. install putty: sudo apt install putty
  3. install puttygen: sudo apt install putty-tools
  4. convert the private key to the intermediate format SSHv2: puttygen yourkey -O private-sshcom -o newkey
  5. convert it back to RSA/PEM: ssh-keygen -i -f newkey > newkey_in_right_format

And you are good to go

Upvotes: 6

jjanczyszyn
jjanczyszyn

Reputation: 533

Here's what worked for me for an in-place conversion of a key with a passphrase:

ssh-keygen -p -P "old passphrase" -N "new passphrase" -m pem -f path/to/key

Upvotes: 30

Related Questions