SSH Private Keys - RSA vs. OpenSSH

-

It would seem that ssh-keygen on OS X Mojave generates OpenSSH Private Keys instead of the traditional RSA Private Keys. While on the surface this is not a problem at all, it recently created a problem for us in combination with our use of the net-ssh Ruby gem, specifically that only RSA Private Keys are supported by this particular version of the gem, unless other dependencies are explicitly installed. So there would appear to be two solutions to this problem. First, we could update the net-ssh gem or discover/install whatever other dependencies are required to support OpenSSH Private Keys. Option two is to convert the existing private key from OpenSSH to RSA. The man page for ssh-keygen is helpful, but not nearly clear enough for this use case, so I'm documenting it here because I'm sure it'll come back to bite me again in the future.

Assuming ~/.ssh/id_rsa starts with:

-----BEGIN OPENSSH PRIVATE KEY-----

Run ssh-keygen -p -m PEM -f ~/.ssh/id_rsa and you will find that the file now starts with:

-----BEGIN RSA PRIVATE KEY-----

Comments

Post a Comment

Popular posts from this blog

Google Wifi and Verizon FiOS

-
Image
There are a bunch of articles spread around the internet about how to best use Google Wifi and Verizon FiOS together. The concepts are really applicable to any case where you want to replace the Verizon FiOS router with your own, while still retaining full TV functionality (Guide, On-Demand, Remote DVR access, On-Screen Caller ID, etc). My experience drew heavily from several sources, including http://www.dslreports.com/faq/16077 , https://robotpoweredhome.com/google-nest-wifi-verizon-fios/ , and https://www.arhea.net/posts/2020-01-012-fios-own-router.html . My ultimate goal was to completely remove the Verizon FiOS router (in my case, a G1100), while retaining full functionality. The gist of what my setup looks like is below: The components involved here are: FiOS ONT (Optical Network Terminal) Google Wifi Points Any unmanaged 10/100/1000 Ethernet Switch (you decide how many ports you need) MOCA Bridge (Actiontec WCB3000) FiOS TV One DVR (Arris VMS4100) FiOS TV Set Top Boxes (Arris
Read more