Skip to content

Instantly share code, notes, and snippets.

@twelve17
Last active November 30, 2021 06:17
Show Gist options
  • Save twelve17/0449491d86158960fdb630160799ff23 to your computer and use it in GitHub Desktop.
Save twelve17/0449491d86158960fdb630160799ff23 to your computer and use it in GitHub Desktop.
Formatting OpenSSL keys for PuTTY Gen Conversion

It looks like as of this writing, the PuTTY Gen conversion code only accepts keys that use the AES-128-CBC or DES-EDE3-CBC ciphers. Otherwise, it will complain with a "unsupported cipher" error. (The latest release version at the moment is beta 0.67.)

For example, one of my private keys was using AES-256-CBC:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,xxxxxxx

Note that if your key is encrypted with a passphrase or has a MAC(?), you might only see a header like:

-----BEGIN RSA PRIVATE KEY-----
xx252xljbl.....

The "openssl" tool can be used to convert an existing private key to one of the acceptable formats above. Which of the two is another discussion, but hey, here is some insight.

openssl.exe rsa -in /path/to/your/private_key -out /path/to/your/new_private_key -outform PEM -des-ede3-cbc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment