Skip to content

Instantly share code, notes, and snippets.

@mingfang
Last active March 3, 2024 08:46
Show Gist options
  • Save mingfang/4aba327add0807fa5e7f to your computer and use it in GitHub Desktop.
Save mingfang/4aba327add0807fa5e7f to your computer and use it in GitHub Desktop.
Convert id_rsa to pem file
openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
chmod 600 id_rsa.pem
@dzmitry-lahoda
Copy link

@coolaj86 tried to run on windows, got errors (rsa -> jwt json)

C:\Users\dz\.ssh> ssh-to-jwk id_rsa
C:\Users\dz\AppData\Roaming\npm\node_modules\ssh-to-jwk\lib\ssh-parser.js:135
    len = dv.getUint32(index, false);
             ^

RangeError: Offset is outside the bounds of the DataView
    at DataView.getUint32 (<anonymous>)
    at Object.SSH.parseElements (C:\Users\dz\AppData\Roaming\npm\node_modules\ssh-to-jwk\lib\ssh-parser.js:135:14)
    at Object.SSH.parse (C:\Users\dz\AppData\Roaming\npm\node_modules\ssh-to-jwk\lib\ssh-parser.js:23:24)
    at Object.<anonymous> (C:\Users\dz\AppData\Roaming\npm\node_modules\ssh-to-jwk\bin\ssh-to-jwk.js:26:16)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
    at Module.load (internal/modules/cjs/loader.js:928:32)
    at Function.Module._load (internal/modules/cjs/loader.js:769:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
    at internal/main/run_main_module.js:17:47

@mattiacantalu
Copy link

I had the same problem and fixed by adding -m PEM when generate keys.

So the gen key command look like:

ssh-keygen -t rsa -b 4096 -m PEM

Then you can get pem from your rsa private key.

openssl rsa -in id_rsa -outform pem > id_rsa.pem

@kollaesch doesn't seem to be the case. I still got:

@macbook:~/work$ openssl dsa -in id_dsa -outform pem
read DSA key
unable to load Private Key
140736256754632:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:697:Expecting: ANY PRIVATE KEY
unable to load Key

Worked to me too. Thanks man !

@tarcisiomiranda
Copy link

Just run this

ssh-keygen -f ~/.ssh/id_rsa.pub -e -m pem > ~/.ssh/id_rsa.pub.pem

@linuxtim
Copy link

Some of the examples above contain insecure use of chmod.
In general to create a file securely, always set the umask first! e.g.

$ rm -f examplefile ; ( umask 0077 && echo "" > examplefile ) ; ls -l examplefile
-rw------- 1 tim tim 1 Feb 26 13:55 examplefile
$  rm -f examplefile ; ( umask 0377 && echo "" > examplefile ) ; ls -l examplefile
-r-------- 1 tim tim 1 Feb 26 13:55 examplefile

...if you don't do that, then your file creation is subject to a race condition, and can be maliciously read between you creating it, and chmodding it...

@andreif
Copy link

andreif commented Feb 26, 2024

Huh, TIL! Thanks @linuxtim!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment