ALL LINUX
  • Linux 4 Network Engineers
  • Introduction
    • Untitled
  • LINUX - "HOW-TO-DO"
    • SYSADMIN
      • MONITORING
        • Stress Testing Linux
      • DEBIAN APT
      • DISK
        • Directory Share - NFS,CIFS
        • LOGICAL VOLUME MANAGEMENT (LVM)
        • FILE SYSTEMS
          • ZFS
      • FIND & DU
      • SECURITY
        • SSH Open Format
      • USERS
        • Accounts, Groups etc
        • Assess User Activity
    • SCRIPTING & TEXT EDIT
      • BASH SCRIPTING & PROJECTS
        • 1) How to Build a Bash Script
        • 2) Variables & Shell Expansions
        • 3) Processing Command Lines
        • 4) Requesting User Input
      • VIM Editor
        • Vim Tips
      • GREP, EGREP & REGEX
        • REGEX
        • REGEX2
        • NINJA-REGEX
      • SED and AWK
  • Containers
    • MULTIPASS
    • LXD LXC
    • KUBERNETES (K8's)
  • FOSS
    • CUMULUS LINUX
      • Fundamentals
        • Cumulus Linux Introduction
        • Cumulus Linux Architecture
        • Cumulus VX
        • Initial Setup
      • NCLU
  • Linux Prof Inst Cert [LPIC-1]
    • LPIC 1
      • CH1-Linux Command-Line Tools
        • Work on the Command Line
        • Streams, Pipes and Redirects
          • Text Streams Using Filters
        • Search Text Files - Regular Expressions
        • Basic File Editing
      • CH2-Managing software and Processes
      • Ch3-Configuring Hardware
      • Ch4-Managing Files
      • Ch5-Booting, Initialising and Virtualising Linux
Powered by GitBook
On this page
  • How To?
  • The Problem: SSH2-formatted keys
  • Solution: Convert the SSH2-formatted key to Open-SSH

Was this helpful?

  1. LINUX - "HOW-TO-DO"
  2. SYSADMIN
  3. SECURITY

SSH Open Format

When people who are not Unix-based users, they will most probably use the public key format (eg. Putty) which will have to be converted into the open-ssh format .

How To?

The Problem: SSH2-formatted keys

You receive an open-ssh-formatted public key looking like this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20160402"
AAAAB3NzaC1yc2EAAAABJQAAAgEAiL0jjDdFqK/kYThqKt7THrjABTPWvXmB3URI
pGKCP/jZlSuCUP3Oc+IxuFeXSIMvVIYeW2PZAjXQGTn60XzPHr+M0NoGcPAvzZf2
u57aX3YKaL93cZSBHR97H+XhcYdrm7ATwfjMDgfgj7+VTvW4nI46Z+qjxmYifc8u
VELolg1TDHWY789ggcdvy92oGjB0VUgMEywrOP+LS0DgG4dmkoUBWGP9dvYcPZDU
F4q0XY9ZHhvyPWEZ3o2vETTrEJr9QHYwgjmFfJn2VFNnD/4qeDDHOmSlDgEOfQcZ
Im+XUOn9eVsv//dAPSY/yMJXf8d0ZSm+VS29QShMjA4R+7yh5WhsIhouBRno2PpE
VVb37Xwe3V6U3o9UnQ3ADtL75DbrZ5beNWcmKzlJ7jVX5QzHSBAnePbBx/fyeP/f
144xPtJWB3jW/kXjtPyWjpzGndaPQ0WgXkbf8fvIuB3NJTTcZ7PeIKnLaMIzT5XN
CR+xobvdC8J9d6k84/q/laJKF3G8KbRGPNwnoVg1cwWFez+dzqo2ypcTtv/20yAm
z86EvuohZoWrtoWvkZLCoyxdqO93ymEjgHAn2bsIWyOODtXovxAJqPgk3dxM1f9P
AEQwc1bG+Z/Gc1Fd8DncgxyhKSQzLsfWroTnIn8wsnmhPJtaZWNuT5BJa8GhnzX0
9g6nhbk=
---- END SSH2 PUBLIC KEY ----

And want to convert it to an ssh key format like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAiL0jjDdFqK/kYThqKt7THrjABTPWvXmB3URIpGKCP/jZlSuCUP3Oc+IxuFeXSIMvVIYeW2PZAjXQGTn60XzPHr+M0NoGcPAvzZf2u57aX3YKaL93cZSBHR97H+XhcYdrm7ATwfjMDgfgj7+VTvW4nI46Z+qjxmYifc8uVELolg1TDHWY789ggcdvy92oGjB0VUgMEywrOP+LS0DgG4dmkoUBWGP9dvYcPZDUF4q0XY9ZHhvyPWEZ3o2vETTrEJr9QHYwgjmFfJn2VFNnD/4qeDDHOmSlDgEOfQcZIm+XUOn9eVsv//dAPSY/yMJXf8d0ZSm+VS29QShMjA4R+7yh5WhsIhouBRno2PpEVVb37Xwe3V6U3o9UnQ3ADtL75DbrZ5beNWcmKzlJ7jVX5QzHSBAnePbBx/fyeP/f144xPtJWB3jW/kXjtPyWjpzGndaPQ0WgXkbf8fvIuB3NJTTcZ7PeIKnLaMIzT5XNCR+xobvdC8J9d6k84/q/laJKF3G8KbRGPNwnoVg1cwWFez+dzqo2ypcTtv/20yAmz86EvuohZoWrtoWvkZLCoyxdqO93ymEjgHAn2bsIWyOODtXovxAJqPgk3dxM1f9PAEQwc1bG+Z/Gc1Fd8DncgxyhKSQzLsfWroTnIn8wsnmhPJtaZWNuT5BJa8GhnzX09g6nhbk=

Solution: Convert the SSH2-formatted key to Open-SSH

You can do this with a very simple command:

ssh-keygen -i -f ssh2.pub > openssh.pub

The command above will take the key from the file ssh2.pub and write it to openssh.pub.

If you just want to look at the open-ssh key material, or have it ready for copy and paste, then you don’t have to worry about piping stdout into a file (same command as above, without the last part):

ssh-keygen -i -f ssh2.pub

This will simply display the public key in the Open-SSH format.

A more practical example of this might be converting and appending a coworker’s key to a server’s authorized keys file. This can be achieved using the following command:

ssh-keygen -i -f coworker.pub >> ~/.ssh/authorized_keys

After this a coworker, using the according private key will be able to log into the system as the user who runs this command.

The Other Direction: Converting SSH2 keys to the Open-SSH Format

The opposite — converting Open-SSH to SSH2 keys — is also possible, of course. Simply use the -e (for export) flag, instead of -i (for import).

ssh-keygen -e -f openssh.pub > ssh2.pub

PreviousSECURITYNextUSERS

Last updated 5 years ago

Was this helpful?