Nathan Wolfe wrote: > I am running OpenSSH on redhat 8. I have generated a keypair using the > client from ssh.com (Secure Shell Client). the key has been uploaded > to the server and I have attempted to convert the key to Open ssh > using: > > # ssh-keygen -X -f .ssh2/dsa2048key.pub >>.ssh/authorized_keys2 > > and > > # ssh-keygen -i -f .ssh2/dsa2048key.pub >> .ssh/authorized_keys2
Your second example looks correct! At least thats what I do to convert my ssh2 generated keys to OpenSSH format. I use F-Secure's ssh client which generates an ssh2 format RSA or DSA key. > > I get: illegal option -- X > with the first and: > Private key -f is unreadable. > Error: Cannot determine the type of the key. > with the second. based on the above error it looks the your ssh client did not generate a key that contains the "type" of key (dsa/rsa) in the file. For reference: I generated a test key using F-Secure ssh client; this is the format of the file that I uploaded/converted to OpenSSH format using your second example... ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "[1024-bit dsa, [EMAIL PROTECTED], Sun Jul 20 2003 18:04:45]\ [1024-bit dsa, [EMAIL PROTECTED], Sun Jul 20 2003 18:04:59]" [snip] the key ---- END SSH2 PUBLIC KEY ---- > > I have read somplace that some versions of ssh-keygen are unable to > make this conversion but my RedHat AS 2.1 machine does it fine as > well as all of my FreeBSD machines. If your ssh format key contains the type record listed above, then you might be correct. I don't really know. FWIW: I have been using F-Secure ssh client for years and have never had a problem converting it's ssh2 generated key to openssh format using ssh-keygen -i -f... as far back as RH7.3. Steve Cowles -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
