login about faq

I just got sftp working with SmartCard authentication...but I'm having a hard time figuring out how to convert people's public keys to SSH keys.

Up till now the only way I have been able to create an SSH public key is by using the SSH client, clicking on my cert in the GUI and then clicking upload. (Which means that I have to first open a connection with username/password or a PKI pair.) Therefore I now know 2 things. 1- Tectia client can grab my public key from the SmartCard and convert it to an SSH public key and place it on the server for me. 2- I need to find a way to call that functionality from the command line so that I can upload people's public keys manually. (I really can't waste time setting people up with username and password so that they upload their own cert, I need to be able to have them send me their public key and I'll it to the server.)

If you have any ideas on how to simply convert a p7b or cer public key to a SSH public key that would be great.

Running Tectia Server/client on Windows 2008 64bit.


Stephen Mayhugh

asked Apr 23 '12 at 15:57

SteveM's gravatar image


If I'm understanding what your trying to do you should be able to use the ssh-keygen-g3 command with the -7 option.

Please see Pg. 350 Section: ssh-keygen-g3


ssh-keygen-g3 -h

Usage: ssh-keygen [options] [key1 key2 ...]


-7 file Extract certificates from a PKCS#7 file.



answered Apr 30 '12 at 17:43

Joe%20-%20Tectia%20Support's gravatar image

Joe - Tectia Support ♦♦

edited Apr 30 '12 at 17:44

Also please note that if you have SSH Tectia Server on the destination machine you can simply utilize certificate authentication, without having to transfer all of the keys to the server.


answered Apr 30 '12 at 17:46

Joe%20-%20Tectia%20Support's gravatar image

Joe - Tectia Support ♦♦

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Apr 23 '12 at 15:57

Seen: 6,803 times

Last updated: Apr 30 '12 at 17:46

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.