{"id":117,"date":"2008-05-21T15:40:13","date_gmt":"2008-05-21T23:40:13","guid":{"rendered":"http:\/\/www.curlybrace.com\/words\/?p=117"},"modified":"2008-10-15T22:37:40","modified_gmt":"2008-10-16T06:37:40","slug":"ssh-key-manipulation","status":"publish","type":"post","link":"https:\/\/www.curlybrace.com\/words\/2008\/05\/ssh-key-manipulation\/","title":{"rendered":"SSH Key Generation and Conversion With OpenSSH"},"content":{"rendered":"<p><\/p>\n<h3>Key Generation<\/h3>\n<p>Generate a DSA key:<\/p>\n<blockquote><p><tt>ssh-keygen -t dsa<\/tt><\/p><\/blockquote>\n<p>This will generate an <a href=\"http:\/\/tools.ietf.org\/html\/rfc4716\">RFC 4716-formatted<\/a> key file similar to the following:<\/p>\n<blockquote>\n<pre>-----BEGIN DSA PRIVATE KEY-----\r\nMIIBuwIBAAKBgQDijfpmyXBZpnq8EhEhSxeJz7fNxIlWYD6t7bviDZMARh8mLCr2\r\nbug2J1K+Rl4qoLQJ7zRGlytwQ2krTCmvVahOjy9m\/QW5936rCyVS19PRdJMEEMSN\r\nvLQaMtpKbnHp0z8Xs\/X1CkDmxThOlvRVjiObdd0U9eELLoo5VHauVHmufwIVAO7j\r\nl4bxgVXeX09WJcyOXAUauNXHAoGAF20ESXgTvbbdxDECa2tfTi\/j1\/+emNV\/+zuR\r\naq6xms\/K0piZhMlkK3BD9PgHhXfqZuRT\/Z9b8ja3nR34H2KL3UInCNV6kSq6h+MD\r\nMLJnNQG4wADLYw3p5Tzz\/hUwtfqpZ\/9e7FpBdgfooS274GgPKTG8BFRiudIztPpK\r\n4GueicoCgYEAy8hllDrFzQUqFG0kMe8r3dOFDjMQHf6ITttmAiScwEPg+a5D++Sq\r\nbj42vkKSNgaYHc+Z8QPgerPehIkBde6wx0ukq0a8IXy8F86IasXz3wzotPeJsdKi\r\nmynQKzhSm9Jzbk\/SK\/yh5NGhJzz1VmHsg+ir\/qReguMHfqDGCI4kSFYCFDJKXQ4h\r\nMteJHSlu62RrGwInRBOh\r\n-----END DSA PRIVATE KEY-----<\/pre>\n<\/blockquote>\n<p>An accompanying, OpenSSH-formatted public key file should also be generated under the same file name with a <tt>.pub<\/tt> suffix.  It should appear similar to the following:<\/p>\n<blockquote>\n<pre>ssh-dss AAAAB3NzaC1kc3MAAACBAOKN+mbJcFmmerwSESFLF4nPt83EiVZgPq3t\r\nu+INkwBGHyYsKvZu6DYnUr5GXiqgtAnvNEaXK3BDaStMKa9VqE6PL2b9Bbn3fqsL\r\nJVLX09F0kwQQxI28tBoy2kpucenTPxez9fUKQObFOE6W9FWOI5t13RT14QsuijlU\r\ndq5Uea5\/AAAAFQDu45eG8YFV3l9PViXMjlwFGrjVxwAAAIAXbQRJeBO9tt3EMQJr\r\na19OL+PX\/56Y1X\/7O5FqrrGaz8rSmJmEyWQrcEP0+AeFd+pm5FP9n1vyNredHfgf\r\nYovdQicI1XqRKrqH4wMwsmc1AbjAAMtjDenlPPP+FTC1+qln\/17sWkF2B+ihLbvg\r\naA8pMbwEVGK50jO0+krga56JygAAAIEAy8hllDrFzQUqFG0kMe8r3dOFDjMQHf6I\r\nTttmAiScwEPg+a5D++Sqbj42vkKSNgaYHc+Z8QPgerPehIkBde6wx0ukq0a8IXy8\r\nF86IasXz3wzotPeJsdKimynQKzhSm9Jzbk\/SK\/yh5NGhJzz1VmHsg+ir\/qReguMH\r\nfqDGCI4kSFY= user@hostname<\/pre>\n<\/blockquote>\n<h3>Export Public Key in RFC 4716 Format<\/h3>\n<p>Given a private key, export its public key:<\/p>\n<blockquote><p><tt>ssh-keygen -e -f <b><i>private_key<\/i><\/b><\/tt><\/p><\/blockquote>\n<p>This will generate a RFC 4716 output similar to the following:<\/p>\n<blockquote>\n<pre>---- BEGIN SSH2 PUBLIC KEY ----\r\nComment: \"1024-bit DSA, converted from OpenSSH by user@hostname\"\r\nAAAAB3NzaC1kc3MAAACBAOKN+mbJcFmmerwSESFLF4nPt83EiVZgPq3tu+INkwBGHyYsKv\r\nZu6DYnUr5GXiqgtAnvNEaXK3BDaStMKa9VqE6PL2b9Bbn3fqsLJVLX09F0kwQQxI28tBoy\r\n2kpucenTPxez9fUKQObFOE6W9FWOI5t13RT14QsuijlUdq5Uea5\/AAAAFQDu45eG8YFV3l\r\n9PViXMjlwFGrjVxwAAAIAXbQRJeBO9tt3EMQJra19OL+PX\/56Y1X\/7O5FqrrGaz8rSmJmE\r\nyWQrcEP0+AeFd+pm5FP9n1vyNredHfgfYovdQicI1XqRKrqH4wMwsmc1AbjAAMtjDenlPP\r\nP+FTC1+qln\/17sWkF2B+ihLbvgaA8pMbwEVGK50jO0+krga56JygAAAIEAy8hllDrFzQUq\r\nFG0kMe8r3dOFDjMQHf6ITttmAiScwEPg+a5D++Sqbj42vkKSNgaYHc+Z8QPgerPehIkBde\r\n6wx0ukq0a8IXy8F86IasXz3wzotPeJsdKimynQKzhSm9Jzbk\/SK\/yh5NGhJzz1VmHsg+ir\r\n\/qReguMHfqDGCI4kSFY=\r\n---- END SSH2 PUBLIC KEY ----<\/pre>\n<\/blockquote>\n<h3>Convert Public RFC 4716 to Public OpenSSH Format<\/h3>\n<p>Convert the exported public key from RFC 4716 format to OpenSSH format (for use in an <tt>authorized_keys<\/tt> file, for example):<\/p>\n<blockquote><p><tt>ssh-keygen -i -f <b><i>public_key<\/i><\/b><\/tt><\/p><\/blockquote>\n<p>This will generate OpenSSH-formatted output similar to the following:<\/p>\n<blockquote>\n<pre>ssh-dss AAAAB3NzaC1kc3MAAACBAOKN+mbJcFmmerwSESFLF4nPt83EiVZgPq3t\r\nu+INkwBGHyYsKvZu6DYnUr5GXiqgtAnvNEaXK3BDaStMKa9VqE6PL2b9Bbn3fqsL\r\nJVLX09F0kwQQxI28tBoy2kpucenTPxez9fUKQObFOE6W9FWOI5t13RT14QsuijlU\r\ndq5Uea5\/AAAAFQDu45eG8YFV3l9PViXMjlwFGrjVxwAAAIAXbQRJeBO9tt3EMQJr\r\na19OL+PX\/56Y1X\/7O5FqrrGaz8rSmJmEyWQrcEP0+AeFd+pm5FP9n1vyNredHfgf\r\nYovdQicI1XqRKrqH4wMwsmc1AbjAAMtjDenlPPP+FTC1+qln\/17sWkF2B+ihLbvg\r\naA8pMbwEVGK50jO0+krga56JygAAAIEAy8hllDrFzQUqFG0kMe8r3dOFDjMQHf6I\r\nTttmAiScwEPg+a5D++Sqbj42vkKSNgaYHc+Z8QPgerPehIkBde6wx0ukq0a8IXy8\r\nF86IasXz3wzotPeJsdKimynQKzhSm9Jzbk\/SK\/yh5NGhJzz1VmHsg+ir\/qReguMH\r\nfqDGCI4kSFY=<\/pre>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Key Generation Generate a DSA key: ssh-keygen -t dsa This will generate an RFC 4716-formatted key file similar to the following: &#8212;&#8211;BEGIN DSA PRIVATE KEY&#8212;&#8211; MIIBuwIBAAKBgQDijfpmyXBZpnq8EhEhSxeJz7fNxIlWYD6t7bviDZMARh8mLCr2 bug2J1K+Rl4qoLQJ7zRGlytwQ2krTCmvVahOjy9m\/QW5936rCyVS19PRdJMEEMSN vLQaMtpKbnHp0z8Xs\/X1CkDmxThOlvRVjiObdd0U9eELLoo5VHauVHmufwIVAO7j l4bxgVXeX09WJcyOXAUauNXHAoGAF20ESXgTvbbdxDECa2tfTi\/j1\/+emNV\/+zuR aq6xms\/K0piZhMlkK3BD9PgHhXfqZuRT\/Z9b8ja3nR34H2KL3UInCNV6kSq6h+MD MLJnNQG4wADLYw3p5Tzz\/hUwtfqpZ\/9e7FpBdgfooS274GgPKTG8BFRiudIztPpK 4GueicoCgYEAy8hllDrFzQUqFG0kMe8r3dOFDjMQHf6ITttmAiScwEPg+a5D++Sq bj42vkKSNgaYHc+Z8QPgerPehIkBde6wx0ukq0a8IXy8F86IasXz3wzotPeJsdKi mynQKzhSm9Jzbk\/SK\/yh5NGhJzz1VmHsg+ir\/qReguMHfqDGCI4kSFYCFDJKXQ4h MteJHSlu62RrGwInRBOh &#8212;&#8211;END DSA PRIVATE KEY&#8212;&#8211; An &hellip; <a href=\"https:\/\/www.curlybrace.com\/words\/2008\/05\/ssh-key-manipulation\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[181,15],"tags":[],"class_list":["post-117","post","type-post","status-publish","format-standard","hentry","category-cryptography","category-technology"],"_links":{"self":[{"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/posts\/117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/comments?post=117"}],"version-history":[{"count":1,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/posts\/117\/revisions"}],"predecessor-version":[{"id":412,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/posts\/117\/revisions\/412"}],"wp:attachment":[{"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/media?parent=117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/categories?post=117"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.curlybrace.com\/words\/wp-json\/wp\/v2\/tags?post=117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}