Converting keys from commercial ssh

Rachit Siamwalla rachit at ensim.com
Fri Apr 20 09:15:39 EST 2001 

Doesn't ssh-keygen -X do the same thing? it works for private keys too. This
ssh-keygen -X seems like a hidden feature noone knows about.

This is actually quite funny. I had a similair problem scouring the net and
the list for answers on how to convert ssh.com private keys to openssh (the
public key conversion is easy as you found out, the private key conversion
was not so straightforward). I was looking and asked the list, and noone
knew the answer.

A few weeks later i actually went around poking the openssh code grepping
for code to read / write keys, and i stumbled on some code in keygen that
actually did what i needed. Lo and behold, when i manned ssh-keygen, the
"-X" option was right there glaring at me.

-rchit

-----Original Message-----
From: Austin Gonyou [mailto:austin at coremetrics.com]
Sent: Thursday, April 19, 2001 2:09 PM
To: King, Brian
Cc: 'openssh-unix-dev at mindrot.org'
Subject: Re: Converting keys from commercial ssh


Pretty nifty!

-- 
Austin Gonyou
Systems Architect
Coremetrics, Inc.
Phone: 512-796-9023
email: austin at coremetrics.com

On Thu, 19 Apr 2001, King, Brian wrote:

> I'm not sure if this is useful to anyone else, but around here people
> are insisting we use key-ed authentication with windows clients and Unix
> servers over SSH protocol version 2.
>
> I couldn't find a free windows client that would meet those
> requirements. The closest was PuTTY, but it would only use password
> authentication with SSH2. In the end, this means we will probably have
> to go with OpenSSH on the servers, and ssh.com's client on the windows
> workstations. The problem that appears then is the differing public key
> file formats between the commercial SSH and OpenSSH.
>
> I've quickly put together a short script that should convert a public
> key (generated by the commercial windows client and pushed to a Unix
> server) to be used with OpenSSH's sshd.  It appears to work fine with
> the limited testing I've done. If anyone decides to make improvements, I
> would appreciate receiving them.
>
> Brian King
>
> <<ssh-convkeys2.sh>>
>
>

More information about the openssh-unix-dev mailing list