Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   14857 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SSH-KEYCONVER(1)	  BSD General Commands Manual	      SSH-KEYCONVER(1)

NAME
     ssh-keyconvert — convert ssh v1 keys and authorization files

SYNOPSIS
     ssh-keyconvert [-k] [-o output_file] identity_file ...
     ssh-keyconvert [-a] [-o output_file] authorization_file ...

DESCRIPTION
     ssh-keyconvert converts RSA public and private keys used for public key
     based user authentication with protocol version 1 to the format used with
     protocol version 2.

     When using RSA user authentication with SSH protocol version 1, the
     client uses the private key from $HOME/.ssh/identity to provide its iden‐
     tity to the server. The server grants or denies access based on whether
     the public part of this key is listed in $HOME/.ssh/authorized_keys.

     SSH protocol version 2 supports both DSA and RSA keys, but the way RSA
     keys are stored are differently. On the client, the default file name is
     .ssh/id_rsa rather than .ssh/identity, and the file's format is different
     as well. On the server, the public porting of the key can still be stored
     in .ssh/authorized_keys, but the key notation has changed as well.
     Therefore, when switching from protocol version 1 to version 2, you
     either have to create a new identity key using ssh-keygen(1) and add that
     key to the server's authorized_keys file, or you need to convert your
     keys using ssh-keyconvert.

     By default, ssh-keyconvert will try to guess the type of file that is to
     be converted.  If it fails to guess correctly, you can tell if what type
     of conversion to perform by specifying the -k option to convert the pri‐
     vate key, or the -a option to convert an authorisation file.

     When converting your private keys stored in .ssh/identity, ssh-keyconvert
     will read the private key, prompting you for the pass phrase if the key
     is protected by a pass phrase. If the -o option is given, it will write
     the private key to the specified file, using version 2 syntax. If the key
     was protected by a pass phrase, it will use the same pass phrase to pro‐
     tect the new file.	 It will also write the public portion of the key to a
     second file, using the specified file name with “.pub” appended.  If the
     -o option was not given, private and public key will be written to id_rsa
     and id_rsa.pub, respectively, relative to the directory of the input key
     file.

     If the destination file already exists, ssh-keyconvert will prompt the
     user for confirmation before overwriting the file, unless the -f option
     is given.

     When converting your authorized_keys file, ssh-keyconvert will ignore any
     keys in SSH version 2 format. Any public keys in version 1 format will be
     converted and appended to the output file using the new syntax. If the -o
     option is given, keys are appended to the specified file. If it is not
     given, ssh-keyconvert will append all keys to the input file.

     Note that ssh-keyconvert does not check for duplicate keys, so if you run
     it on .ssh/authorized_keys more several times, the converted keys will
     show up several times.

OPTIONS
     -k	     Convert private key file(s). The default is to guess the type of
	     file that should be converted.

     -a	     Convert authorized_keys file(s). The default is to guess the type
	     of file that should be converted.

     -o outfile
	     Specify the name of the output file.  When converting an autho‐
	     rization file, all public keys will be appended to this file.
	     For private key conversion, the private and public components of
	     the key will be stored in outfile and outfile.pub, respectively.
	     Note that since every key must be stored in a separate file, you
	     cannot use this option when you specify several input files.

     -f	     When converting a key file, and the output file already exists,
	     ssh-keyconvert will ask the user whether to overwrite the file.
	     Using this option forces overwriting.

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and cre‐
     ated OpenSSH.  ssh-keyconvert was contributed by Olaf Kirch.

SEE ALSO
     ssh(1), ssh-add(1), ssh-agent(1), sshd(8)

     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
     secsh-publickeyfile-01.txt, March 2001, work in progress material.

BSD			       February 2, 2002				   BSD

Vote for polarhome