Openssh Private Key to RSA Private Key

Eleanor picture Eleanor · Mar 5, 2019 · Viewed 36.3k times · Source

(I am using MAC)

My id_rsa starts with

-----BEGIN OPENSSH PRIVATE KEY-----

but I expect it to starts with

-----BEGIN RSA PRIVATE KEY-----

I have send my id_rsa.pub to server administrator to get the access to server, so I don't want to generate a new key.

  1. Is there any way that I can transfer my id_rsa which is a openssh private key to a RSA private key? (command please.)

  2. If I can transfer, do I also need to transfer id_rsa.pub? (command please.) It seems id_rsa.pub doesn't have a header like id_rsa, so I am not sure if I should also transfer this.

Thank you!

Answer

Tad M. picture Tad M. · Apr 23, 2019

You have an OpenSSH format key and want a PEM format key. It is not intuitive to me, but the suggested way to convert is by changing the password for the key and writing it in a different format at the same time. The command looks like this:

ssh-keygen -p -N "" -m pem -f /path/to/key

It will change the file in place, so make a backup of your current key just in case. -N "" will set the passphrase as none. I haven't tested this with a passphrase.

The public key should be fine as is.

For the full explanation of the above command, see the -m option here: https://man.openbsd.org/ssh-keygen#m