This question already has answers here:
How to convert SSH keypairs generated using PuTTYgen (Windows) into key-pairs used by ssh-agent and Keychain (Linux)
(10 answers)
Closed 3 years ago.
So there are plenty of tutorials on how to convert a PEM to a PPK using puttyGen. However my issue is that my windows machine had the only PEM copy and I converted it into a PPK and deleted it. Now I need to figure out how to convert a PPK into a PEM so that my mac can ssh into the server. I still have access to the server so I could also just make a new key if I had to, anyone know how to convert PPK to PEM?
Install PuttyTools
apt-get install putty-tools
Generate a pem file form the ppk
puttygen server.ppk -O private-openssh -o server.pem
The file server.pem file will be saved on same location
If you're on a Mac and you've previously installed Homebrew, from Terminal:
$ brew install putty
$ puttygen server.ppk -O private-openssh -o server.pem
The first command was suggested in this comment and the second from Emizen Tech's answer.
Try this to install putty-tools
sudo apt install putty-tools
puttygen key.ppk -O private-openssh -o key.pem
ssh -i ~/key.pem {user}#{ip}
First, install PuTTY for Mac using
brew install putty
Then, use the following command to convert the .ppk format private key to a standard PEM format private key:
puttygen privatekey.ppk -O private-openssh -o privatekey.pem
Make sure permissions on the private key file are set properly. It should only be readable by the user that owns it.
chmod go-rw privatekey.pem
You can now use the key for logins from scripts and command line with:
ssh -i privatekey.pem user#hostname
Related
On windows it is usually stored in the %USERPROFILE%\ssh or
%USERPROFILE%.ssh folders.
However I do not see the ssh folders when going to %USERPROFILE%.
Is it possible to create the ssh folder and the known_hosts file myself?
Yes, this is expected.
You can in a CMD do:
cd "%USERPROFILE%"
mkdir .ssh
From there, assuming you have ssh-keygen in your PATH (which is included in Git For Windows for example), you can type:
ssh-keygen -t rsa -P ""
That will generate a key in the default path ~/.ssh(/id_rsa[.pub]), with ~/.ssh being translated in %USERPROFILE%\.ssh
I'm constantly setting up passwordless ssh environments. And, while there are many howTos out there, most are rather long. This is going to be very short and without much explanation. Read the load documents for the details. I plan to add screen-shots, but that has to wait until after my wrist heals. I broke it badly just the day before yesterday.
PuTTY doesn't natively support the private key format (.pem)
You must convert your private key into a .ppk file
before you can connect to your instance using PuTTY
ssh-keygen generates 2 files.
- id_rsa: The private key
- id_rsa.pub: The public key
PuTTYgen will genrate the ppk for use with PuTTY.
On Linux (I’m using CentOS 8)
=================================
mkdir -p ~/.ssh
chmod 700 ~/.ssh
cd ~/.ssh
ssh-keygen -t rsa -b 4096 -N '' -f ~/.ssh/id_rsa -C "yourEmailAddr#yahoo.com"
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 400 ~/.ssh/*
cp ~/.ssh/* /VMShare/ssh/ #a common mount between my virtual machines and windows
on Windows
----------
1. open PuTTYgen Click Load and open the private file (normally id_rsa)
2. Click “Save Private Key” and choose a name. I use id_rsa.ppk
3. Open Putty
3.1. Set Connection->Data->Auto-login username as appropriate
3.2. set the Connection->SSH->Auth->”Private key file for authentication” to the ppk file.
To setup 1 way ssh between 2 Linux machines
-------------------------------------------
copy the id_rsa file to ~/.ssh on the second machine
Next: chmod 400 ~/.ssh/id_rsa
Now you can ssh from the second machine to the first
To setup 1 way ssh between 2 Linux machines
-------------------------------------------
Copy the id_rsa and id_rsa.pub file to ~/.ssh on the second machine
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 400 ~/.ssh/authorized_keys ~/.ssh/id_rsa ~/.ssh/id_rsa.pub
To Test the ssh use:
--------------------
ssh -i id_rsa.pub user#host1
<https://help.dreamhost.com/hc/en-us/articles/215464758-How-do-I-set-up-passwordless-login-in-PuTTY->
On Ubuntu I generated a key using ssh-keygen -t rsa -b 4096 command.
While trying to convert the generated key to OpenSSH format with
ssh-keygen -i -f id_rsa.pub > id_rsa_openssh.pub, I get error uudecode failed.
Any idea how to resolve this error.
Probably too late but using
ssh-keygen -e -f id_rsa.pub > id_rsa_openssh.pub
worked for me.
When following the steps to setup mono on the following site it is failing to import the GPG key for the repo.
https://www.mono-project.com/download/stable/#download-lin-centos
This is happening on CentOS machines running both 6.x and 7.x.
rpm --import "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF"
error: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF: key 1 not an armored public key.
This appears to be due to a missing newline at the end of the key file. If you open the key with vi and save it, without making any changes (this is one way to ensure there is a newline at the end of the file), the import works.
curl -v "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF" -okey
vi key
# don't modify, just save it with ":wq"
rpm --import key
Another way to add the newline to the end of the file: https://unix.stackexchange.com/a/31955
sed -i -e '$a\' key
see https://github.com/mono/mono/issues/15955
I used this workaround to then download. See https://github.com/mono/mono/issues/16025
rpm --import https://download.mono-project.com/repo/xamarin.gpg
su -c 'curl https://download.mono-project.com/repo/centos7-stable.repo | tee /etc/yum.repos.d/mono-centos7-stable.repo’
I would very much like to take my Git install with me wherever I go, so I have installed GitPortable via PortableApps.
Unfortunately, the OpenSSH utilities available in git-bash insists on placing/searching for the .ssh folder in a nonsensical place (C/.ssh).
Now, I have seen others with the same problem, but the solution generally was to set HOME as a Windows environment variable. But this is not working for me.
From the usual Windows command prompt:
C:\Users\snb>echo %HOME%
C:\Users\snb
Showing that the environment variable is apparently set correctly.
From git-bash:
snb#SNB-WORKSTATION /c/Users/snb
$ echo $HOME
C:\Users\snb
Showing that git-bash agrees. However if I test out an SSH command, OpenSSH has the completely wrong idea of where to locate the .ssh folder:
snb#SNB-WORKSTATION /c/Users/snb
$ ssh -T git#bitbucket.org
Could not create directory 'C/.ssh'.
The authenticity of host 'bitbucket.org (131.103.20.167)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)?
I'm at a loss at what to do to make OpenSSH in the GitPortable installation understand where my home directory is. Do you have any ideas other than giving in and just installing Git for Windows?
EDIT:
The OpenSSH version is:
$ ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1i 6 Aug 2014
The command uses the correct .ssh folder location in a Windows command prompt when using git-cmd.bat:
C:\Users\snb>ssh -T git#bitbucket.org
The authenticity of host 'bitbucket.org (131.103.20.168)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'bitbucket.org,131.103.20.168' (RSA) to the list of known hosts.
Enter passphrase for key '/c/Users/snb/.ssh/id_rsa':
But I truly hate cmd.exe, I need this to work for git-bash! :)
The SSH command git-bash uses is:
$ which ssh
/bin/ssh
The /bin folder is located inside the GitPortable installation, so this would be the OpenSSH version distributed with GitPortable.
This GitPortable is based on msysgit PortableGit-1.9.5-preview20141217 github commit
The proper path for HOME in a bash session should be set with:
export HOME=/c/Users/snb
That would make it compatible with ssh in a unix shell.
Using posix path seems safer considering Git is running on top of a posix run-time environment.