SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from CentOS 6 nodejs-hubot-slack-4.4.0-2.3.noarch.rpm

sshpk\-conv

Section: sshpk Commands (1)
Updated: Jan 2016
Index 

NAME

sshpk-conv - convert between key formats 

SYNOPSYS

sshpk-conv -t FORMAT [FILENAME] [OPTIONS...]

sshpk-conv -i [FILENAME] [OPTIONS...] 

DESCRIPTION

Reads in a public or private key and converts it between different formats,particularly formats used in the SSH protocol and the well-known PEM PKCS#1/7formats.

In the second form, with the -i option given, identifies a key and prints to stderr information about its nature, size and fingerprint. 

EXAMPLES

Assume the following SSH-format public key in id_ecdsa.pub:

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTI...9M/4c4= userAATThost

Identify it with -i:

$ sshpk-conv -i id_ecdsa.pubid_ecdsa: a 256 bit ECDSA public keyECDSA curve: nistp256Comment: userAATThostFingerprint:  SHA256:vCNX7eUkdvqqW0m4PoxQAZRv+CM4P4fS8+CbliAvS4k  81:ad:d5:57:e5:6f:7d:a2:93:79:56:af:d7:c0:38:51

Convert it to pkcs8 format, for use with e.g. OpenSSL:

$ sshpk-conv -t pkcs8 id_ecdsa-----BEGIN PUBLIC KEY-----MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAsA4R6N6AS3gzaPBeLjG2ObSgUsRzOt+kWJoijLnw3ZMYUKmAx+lD0I5XUxdrPcs1vH5f3cn9TvRvO9L0z/hzg==-----END PUBLIC KEY-----

Retrieve the public half of a private key:

$ openssl genrsa 2048 | sshpk-conv -t ssh -c foo@barssh-rsa AAAAB3NzaC1yc2EAAA...koK7 foo@bar

Convert a private key to PKCS#1 (OpenSSL) format from a new-style OpenSSH keyformat (the ssh-keygen -o format):

$ ssh-keygen -o -f foobar...$ sshpk-conv -p -t pkcs1 foobar-----BEGIN RSA PRIVATE KEY-----MIIDpAIBAAKCAQEA6T/GYJndb1TRH3+NL....-----END RSA PRIVATE KEY-----
 

OPTIONS

-i, --identify
Instead of converting the key, output identifying information about it to stderr, including its type, size and fingerprints.
-p, --private
Treat the key as a private key instead of a public key (the default). If yousupply sshpk-conv with a private key and do not give this option, it willextract only the public half of the key from it and work with that.
-f PATH, --file=PATH
Input file to take the key from instead of stdin. If a filename is suppliedas a positional argument, it is equivalent to using this option.
-o PATH, --out=PATH
Output file name to use instead of stdout.

-T FORMAT, --informat=FORMAT

-t FORMAT, --outformat=FORMAT
Selects the input and output formats to be used (see FORMATS, below).
-c TEXT, --comment=TEXT
Sets the key comment for the output file, if supported.
 

FORMATS

Currently supported formats:

pem, pkcs1
The standard PEM format used by older OpenSSH and most TLS libraries such asOpenSSL. The classic id_rsa file is usually in this format. It is an ASN.1encoded structure, base64-encoded and placed between PEM headers.
ssh
The SSH public key text format (the format of an id_rsa.pub file). A singleline, containing 3 space separated parts: the key type, key body and optionalkey comment.
pkcs8
A newer PEM format, usually used only for public keys by TLS libraries suchas OpenSSL. The ASN.1 structure is more generic than that of pkcs1.
openssh
The new ssh-keygen -o format from OpenSSH. This can be mistaken for a PEMencoding but is actually an OpenSSH internal format.
rfc4253
The internal binary format of keys when sent over the wire in the SSHprotocol. This is also the format that the ssh-agent uses in its protocol.
 

SEE ALSO

ssh-keygen(1),openssl(1) 

BUGS

Encrypted (password-protected) keys are not supported.

Report bugs at Github[la]https://github.com/arekinath/node-sshpk/issues[ra]


 

Index

NAME
SYNOPSYS
DESCRIPTION
EXAMPLES
OPTIONS
FORMATS
SEE ALSO
BUGS

This document was created byman2html,using the manual pages.