Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Convert id_rsa to pem file
openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
chmod 700 id_rsa.pem
@paxan

This comment has been minimized.

Copy link

paxan commented Oct 3, 2017

should be chmod 600 id_rsa.pem

@HighwayofLife

This comment has been minimized.

Copy link

HighwayofLife commented Dec 29, 2017

An rsa id_rsa key is exactly the same format as the output indicated here. So this ultimately does nothing other than duplicate the file an append a .pem extension.

@etiago

This comment has been minimized.

Copy link

etiago commented Mar 11, 2018

☝️ inclined to agree @HighwayofLife , this does nothing to the file format... although had an interesting side effect for me: it decrypted the file as my id_rsa was originally password-protected.

@adriaanvanrossum

This comment has been minimized.

Copy link

adriaanvanrossum commented Mar 21, 2018

And if you need the public key as a pem use this

ssh-keygen -f ~/.ssh/id_rsa.pub -m 'PEM' -e > public.pem
chmod 600 public.pem
@solderjs

This comment has been minimized.

Copy link

solderjs commented Dec 12, 2018

I had to read through the source and I built a solution in JavaScript, of all things.

So if you install https://nodejs.org you can get ssh-to-jwk, jwk-to-ssh, rasha, and eckles which, between the four, will convert it any which way:

npm install -g ssh-to-jwk jwk-to-ssh rasha eckles

RSA

ssh-to-jwk ~/.ssh/id_rsa > privkey.jwk.json
rasha privkey.jwk.json pkcs8 > privkey.pem
chmod 0600 privkey.pem
rasha privkey.pem jwk > privkey.jwk.json
jwk-to-ssh privkey.jwk.json root@localhost > id_rsa
chmod 0600 id_rsa

ECDSA

ssh-to-jwk ~/.ssh/id_ecdsa > privkey.jwk.json
eckles privkey.jwk.json pkcs8 > privkey.pem
chmod 0600 privkey.pem
eckles privkey.pem jwk > privkey.jwk.json
jwk-to-ssh privkey.jwk.json root@localhost > id_ecdsa
chmod 0600 id_ecdsa

Docs and such:

@solderjs

This comment has been minimized.

Copy link

solderjs commented Dec 12, 2018

@etiago @HighwayofLife OpenSSH has its own Private Key format.

@giacomo-m

This comment has been minimized.

Copy link

giacomo-m commented Dec 19, 2018

Hi, running openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem i get this error:

unable to load Private Key
140735944156104:error:0906D06C:PEM routines:PEM_read_bio:no start line:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.50.2/libressl/crypto/pem/pem_lib.c:704:Expecting: ANY PRIVATE KEY

can you help me?

Thanks.

@kollaesch

This comment has been minimized.

Copy link

kollaesch commented Dec 31, 2018

@giacomo-m
Apple uses a different openssl-"package". In general it's recommened to install openssl on macos via @brew-package. (formerly homebrew)
The apple-package is missing some functionality. That seems to be the case here.

@243826

This comment has been minimized.

Copy link

243826 commented Jan 10, 2019

@kollaesch doesn't seem to be the case. I still got:

@macbook:~/work$ openssl dsa -in id_dsa -outform pem
read DSA key
unable to load Private Key
140736256754632:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:697:Expecting: ANY PRIVATE KEY
unable to load Key
@sauravexodus

This comment has been minimized.

Copy link

sauravexodus commented Jan 31, 2019

@kollaes

Hi, running openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem i get this error:

unable to load Private Key
140735944156104:error:0906D06C:PEM routines:PEM_read_bio:no start line:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.50.2/libressl/crypto/pem/pem_lib.c:704:Expecting: ANY PRIVATE KEY

can you help me?

Thanks.

Can you try generating the private key using ssh-keygen

@kythanh

This comment has been minimized.

Copy link

kythanh commented Mar 19, 2019

I had the same problem and fixed by adding -m PEM when generate keys.

So the gen key command look like:

ssh-keygen -t rsa -b 4096 -m PEM

Then you can get pem from your rsa private key.

openssl rsa -in id_rsa -outform pem > id_rsa.pem

@kollaesch doesn't seem to be the case. I still got:

@macbook:~/work$ openssl dsa -in id_dsa -outform pem
read DSA key
unable to load Private Key
140736256754632:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:697:Expecting: ANY PRIVATE KEY
unable to load Key
@Khrol

This comment has been minimized.

Copy link

Khrol commented Mar 19, 2019

Expecting: ANY PRIVATE KEY

I have this error only with 4096-bit key. Looks like it's the problem.

@KevinJCross

This comment has been minimized.

Copy link

KevinJCross commented May 7, 2019

yup Ive got this same problem with a 4k key too

@jgamblin

This comment has been minimized.

Copy link

jgamblin commented Jun 14, 2019

@joaquinclearmetal

This comment has been minimized.

Copy link

joaquinclearmetal commented Jul 18, 2019

unable to load Private Key
140149128779416:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: ANY PRIVATE KEY```

On both macOS and Ubuntu 16.  I don't want to gen a new key, as i have the pub key installed on several servers.
@andreif

This comment has been minimized.

Copy link

andreif commented Aug 12, 2019

For private keys in OpenSSH format that use passphrase, you can convert them to PEM format using

ssh-keygen -f my-rsa-key -m pem -p

Note: when it was missing -p argument I got Expecting: ANY PRIVATE KEY error.

@bnabriss

This comment has been minimized.

Copy link

bnabriss commented Sep 8, 2019

For private keys in OpenSSH format that use passphrase, you can convert them to PEM format using

ssh-keygen -f my-rsa-key -m pem -p

Note: when it was missing -p argument I got Expecting: ANY PRIVATE KEY error.

Thanks, after hours of searching this is one works with me.
I used this for sftp with phpstorm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.