How to convert an SSH2 Public Key into an OpenSSH public key

When working with people who don’t use a Unix-based operating system, you’ll often come across the SSH2 Public Key format. PuTTY is probably the most famous software using this format and nearly everyone on Windows uses it. To give these windows ssh users access to a Linux system, SFTP server, Git repository or other systems that use the OpenSSH key format, you need to convert an SSH2 public key into the OpenSSH format. This article describes how to do exactly that.

For more Linux and programming tips, tricks, and videos, check out my channel here: https://www.youtube.com/c/tutorialinux — I have a completely free Linux Sysadmin course in this free Linux course playlist.

Okay, onto the openssh key converting goodness!

The Problem: SSH2-formatted keys

You receive an openssh-formatted public key looking like this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20160402" AAAAB3NzaC1yc2EAAAABJQAAAgEAiL0jjDdFqK/kYThqKt7THrjABTPWvXmB3URI pGKCP/jZlSuCUP3Oc+IxuFeXSIMvVIYeW2PZAjXQGTn60XzPHr+M0NoGcPAvzZf2 u57aX3YKaL93cZSBHR97H+XhcYdrm7ATwfjMDgfgj7+VTvW4nI46Z+qjxmYifc8u VELolg1TDHWY789ggcdvy92oGjB0VUgMEywrOP+LS0DgG4dmkoUBWGP9dvYcPZDU F4q0XY9ZHhvyPWEZ3o2vETTrEJr9QHYwgjmFfJn2VFNnD/4qeDDHOmSlDgEOfQcZ Im+XUOn9eVsv//dAPSY/yMJXf8d0ZSm+VS29QShMjA4R+7yh5WhsIhouBRno2PpE VVb37Xwe3V6U3o9UnQ3ADtL75DbrZ5beNWcmKzlJ7jVX5QzHSBAnePbBx/fyeP/f 144xPtJWB3jW/kXjtPyWjpzGndaPQ0WgXkbf8fvIuB3NJTTcZ7PeIKnLaMIzT5XN CR+xobvdC8J9d6k84/q/laJKF3G8KbRGPNwnoVg1cwWFez+dzqo2ypcTtv/20yAm z86EvuohZoWrtoWvkZLCoyxdqO93ymEjgHAn2bsIWyOODtXovxAJqPgk3dxM1f9P AEQwc1bG+Z/Gc1Fd8DncgxyhKSQzLsfWroTnIn8wsnmhPJtaZWNuT5BJa8GhnzX0 9g6nhbk= ---- END SSH2 PUBLIC KEY ----

And want to convert it to an ssh key format like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAiL0jjDdFqK/kYThqKt7THrjABTPWvXmB3URIpGKCP/jZlSuCUP3Oc+IxuFeXSIMvVIYeW2PZAjXQGTn60XzPHr+M0NoGcPAvzZf2u57aX3YKaL93cZSBHR97H+XhcYdrm7ATwfjMDgfgj7+VTvW4nI46Z+qjxmYifc8uVELolg1TDHWY789ggcdvy92oGjB0VUgMEywrOP+LS0DgG4dmkoUBWGP9dvYcPZDUF4q0XY9ZHhvyPWEZ3o2vETTrEJr9QHYwgjmFfJn2VFNnD/4qeDDHOmSlDgEOfQcZIm+XUOn9eVsv//dAPSY/yMJXf8d0ZSm+VS29QShMjA4R+7yh5WhsIhouBRno2PpEVVb37Xwe3V6U3o9UnQ3ADtL75DbrZ5beNWcmKzlJ7jVX5QzHSBAnePbBx/fyeP/f144xPtJWB3jW/kXjtPyWjpzGndaPQ0WgXkbf8fvIuB3NJTTcZ7PeIKnLaMIzT5XNCR+xobvdC8J9d6k84/q/laJKF3G8KbRGPNwnoVg1cwWFez+dzqo2ypcTtv/20yAmz86EvuohZoWrtoWvkZLCoyxdqO93ymEjgHAn2bsIWyOODtXovxAJqPgk3dxM1f9PAEQwc1bG+Z/Gc1Fd8DncgxyhKSQzLsfWroTnIn8wsnmhPJtaZWNuT5BJa8GhnzX09g6nhbk=

Solution: Convert the SSH2-formatted key to OpenSSH

You can do this with a very simple command:

ssh-keygen -i -f ssh2.pub > openssh.pub

The command above will take the key from the file ssh2.pub and write it to openssh.pub.

 

If you just want to look at the openssh key material, or have it ready for copy and paste, then you don’t have to worry about piping stdout into a file (same command as above, without the last part):

ssh-keygen -i -f ssh2.pub

This will simply display the public key in the OpenSSH format.

 

A more practical example of this might be converting and appending a coworker’s key to a server’s authorized keys file. This can be achieved using the following command:

ssh-keygen -i -f coworker.pub >> ~/.ssh/authorized_keys

After this a coworker, using the according private key will be able to log into the system as the user who runs this command.

The Other Direction: Converting SSH2 keys to the OpenSSH Format

The opposite — converting OpenSSH to SSH2 keys — is also possible, of course. Simply use the -e (for export) flag, instead of -i (for import).

ssh-keygen -e -f openssh.pub > ssh2.pub

Conclusion

Knowing these kinds of essential Linux tools can make your life as a sysadmin much easier. Converting an SSH2 key to OpenSSH is something that you’ll find yourself doing on a fairly irregular basis, so it’s good to have the command written down somewhere.

Consider starting a “useful_commands.txt” file, or just keep a link to this post in your bookmarks.

 

I hope you enjoyed this little article! If you have any questions, please comment. For more information on dealing with SSH Keys you might want to take a look at the ssh-keygen manual page (type man ssh-keygen into your terminal). It’s a good idea to read over a few of the options that this command provides.

And if you want more Linux and Programming info/videos, I have a YouTube channel here: https://www.youtube.com/c/tutorialinux — there’s a completely free Linux Sysadmin course in this free Linux course playlist.