On Mar 29, 2008, at 4:56 AM, Andreas Jellinghaus wrote: > RSA is not a format. openssh has a format (actually two different > ones, check > your .ssh/authorized_keys file for public keys for example), and PEM > is a > format (from the x.509/openssl world). there is no tool to convert > openssh > format into pem format, this is what the faq is trying to say.
Public or private? The req command will happily read secsh format, e.g.: openssl req -key ~/.ssh/id_rsa -new | openssl req -pubkey This will convert a secsh formatted pubkey into PEM (you can just give the default responses for the X.509 fields). Now private keys--aye, there's the rub. FWIW there were patches posted to one of the OpenBSD newsgroups a few years back to have ssh-keygen provide this capability (at least for public keys) but they don't seem to have ever made it into the main trunk: http://osdir.com/ml/os.openbsd.tech/2004-09/msg00092.html -- Tim _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
