[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: ssh to Open SSH ssh-keygen question - Answered



OK HERE IS THE ANSWER to this problem

RH seems to like the ssh-keygen2 binary better. So what you need to do is
make sure you are using the ssh-keygen binary in /usr/bin
I noticed that when I would do a #man ssh-keygen   i kept getting ssh-keygen2

Not sure why this happens. Maybe someone else can give us the answer to
that one but here are the keystrokes to fix my problem anyway.

# cd /usr/bin
# ./ssh-keygen -i -f  ~/.ssh2/dsa2048key.pub  >> ~/.ssh/authorized_keys2

That fixed the problem.



> Nathan Wolfe wrote:
>> I am running OpenSSH on redhat 8. I have generated a keypair using the
>> client from ssh.com (Secure Shell Client). the key has been uploaded
>> to the server and I have attempted to convert the key to Open ssh
>> using:
>>
>> # ssh-keygen -X -f .ssh2/dsa2048key.pub >>.ssh/authorized_keys2
>>
>> and
>>
>> # ssh-keygen -i -f  .ssh2/dsa2048key.pub  >> .ssh/authorized_keys2
>
> Your second example looks correct! At least thats what I do to convert
> my ssh2 generated keys to OpenSSH format. I use F-Secure's ssh client
> which generates an ssh2 format RSA or DSA key.
>
>>
>> I get: illegal option -- X
>> with the first and:
>> Private key -f is unreadable.
>> Error: Cannot determine the type of the key.
>> with the second.
>
> based on the above error it looks the your ssh client did not generate a
> key that contains the "type" of key (dsa/rsa) in the file. For
> reference: I generated a test key using F-Secure ssh client; this is the
> format of the file that I uploaded/converted to OpenSSH format using
> your second example...
>
> ---- BEGIN SSH2 PUBLIC KEY ----
> Comment: "[1024-bit dsa, scowles enterprise, Sun Jul 20 2003 18:04:45]\
>  [1024-bit dsa, scowles enterprise, Sun Jul 20 2003 18:04:59]"
>
> [snip] the key
>
> ---- END SSH2 PUBLIC KEY ----
>
>
>>
>> I have read somplace that some versions of ssh-keygen are unable to
>> make this conversion but my RedHat AS 2.1 machine does it fine as well
>> as all of my FreeBSD machines.
>
> If your ssh format key contains the type record listed above, then you
> might be correct. I don't really know. FWIW: I have been using F-Secure
> ssh client for years and have never had a problem converting it's ssh2
> generated key to openssh format using ssh-keygen -i -f... as far back as
> RH7.3.
>
> Steve Cowles
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]