login about faq

How can I convert OpenSSH public and private keys to the format supported by Tectia?

asked Dec 22 '10 at 05:33

SSH%20KB's gravatar image

SSH KB ♦
384239237229

edited Sep 20 '11 at 08:43

Roman's gravatar image

Roman ♦♦
7285816


Tectia and OpenSSH use different public key file formats. For more information on the public key file format used by Tectia, please see the IETF SECSH working group SECSH Public Key File Format draft. For more information on the OpenSSH public key file format, please see the OpenSSH web site. The new version of ssh-keygen-g3 has options to convert OpenSSH private and public keys to the IETF SECSH compliant format supported by Tectia.

Command-line options

ssh-keygen-g3 --import-public-key infile outfile
Reads the OpenSSH public key and converts it to an SSH Tectia compliant format. Supports DSA and RSA keys.
ssh-keygen-g3 --import-private-key infile outfile
Reads the OpenSSH null passphrase private key and converts it to a Tectia-compliant format. Supports DSA and RSA keys.
ssh-keygen-g3 --import-ssh2-authorized-keys infile outfile
Reads the SSH2 and OpenSSH authorized_keys file (can contain several DSA and RSA keys), extracts the file to separate Tectia-compliant keys and creates a Tectia format authorization file which contains references to created keys.

Usage examples

Host key conversion

ssh-keygen-g3 --import-private-key /etc/ssh/hostkey /etc/ssh2/hostkey
ssh-keygen-g3 --import-public-key /etc/ssh/hostkey.pub /etc/ssh2/hostkey.pub

User key conversion

Client side
ssh-keygen-g3 --import-private-key "$HOME"/.ssh/id_dsa "$HOME"/.ssh2/id_dsa_ssh2
echo "Key id_dsa_ssh2" >>identification
Server side
ssh-keygen-g3 --import-ssh1-authorized-keys "$HOME"/.ssh/authorized_keys "$HOME"/.ssh2/authorization

Migrating OpenSSH server to Tectia Server

Host key needs to be converted with
ssh-keygen-g3 --import-private-key /etc/ssh/hostkey /etc/ssh2/hostkey
ssh-keygen-g3 --import-public-key /etc/ssh/hostkey.pub /etc/ssh2/hostkey.pub
If public key authentication is used, user specific authorized_keys file needs to be converted to separate public keys. Conversion needs to be done for each user using public key authentication
ssh-keygen-g3 --import-ssh1-authorized-keys "$HOME"/.ssh/authorized_keys "$HOME"/.ssh2/authorization

Migrating OpenSSH client to Tectia Client

If public key authentication is used, user specific private and public keys need to be converted. Conversions are required for each key and each user using public key authentication
ssh-keygen-g3 --import-private-key "$HOME"/.ssh/id_dsa "$HOME"/.ssh2/id_dsa_ssh2
ssh-keygen-g3 --import-public-key "$HOME"/.ssh/id_dsa.pub "$HOME"/.ssh2/id_dsa_ssh2.pub
echo "Key id_dsa_ssh2" >>identification
link

answered Dec 22 '10 at 05:57

Alan%20-%20Tectia%20Support's gravatar image

Alan - Tectia Support ♦
236335

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×53
×21
×3

Asked: Dec 22 '10 at 05:33

Seen: 8,206 times

Last updated: Sep 20 '11 at 08:43

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.