The output from ssh-keygen is identical regardless of whether a public or private key is given using -f: [cjwatson@arborlon ~]$ ssh-keygen -e -f .ssh/id-imapd-flatline.pub ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "1024-bit RSA, converted from OpenSSH by cjwatson@arborlon" AAAAB3NzaC1yc2EAAAABIwAAAIEAvpawnSFO7bg4CXQ2hNDyNE/ffPGOaPPzAugbx1/kqk yawwaOn86jEHA+Kk0kCE4iwYc+19g6oVS9xezzkn2QJlwLZ8tH7c/Vy+i0Y7USaTZ3sEe1 nhZljkVtMUJaG3D+lqi094qROztTJVPvWCTMxJ0oytQEzC1roMCZmTl5hrk= ---- END SSH2 PUBLIC KEY ---- [cjwatson@arborlon ~]$ ssh-keygen -e -f .ssh/id-imapd-flatline ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "1024-bit RSA, converted from OpenSSH by cjwatson@arborlon" AAAAB3NzaC1yc2EAAAABIwAAAIEAvpawnSFO7bg4CXQ2hNDyNE/ffPGOaPPzAugbx1/kqk yawwaOn86jEHA+Kk0kCE4iwYc+19g6oVS9xezzkn2QJlwLZ8tH7c/Vy+i0Y7USaTZ3sEe1 nhZljkVtMUJaG3D+lqi094qROztTJVPvWCTMxJ0oytQEzC1roMCZmTl5hrk= ---- END SSH2 PUBLIC KEY ---- However, the man page says: .It Fl e This option will read a private or public OpenSSH key file and print the key in a .Sq SECSH Public Key File Format to stdout. This option allows exporting keys for use by several commercial SSH implementations. (This is Debian bug #174156.)
yes, but the manpage says that a PUBLIC key will be printed.
you can however try to port putty's code for reading/writing ssh.com private key files. also note that the manpage says: .Sq SECSH Public Key File Format and there is no matching definition for _private_ keys.
It does say that something will be printed in a public key format (although I wasn't sure that the name of the format might not simply have been badly worded), but the statement that it will read private OpenSSH key files is quite confusing in this context. In fact, at least in the SSH2 case, it reads the private key file, realizes it can't do anything with it, and then finds and reads the public key file instead. I'll have a look at the PuTTY code, or possibly just talk to Simon. :) I see sshcom_write() here. Thanks. Would you consider allowing this to be left open as an enhancement request? The original bug reporter (Tomasz Cichecki <knight@kopernet.org>) said that he wanted to try out an ssh.com server without disturbing existing use, but was unable to do so because he couldn't export the private key.
it's still possible to convert a private ssh.com key to openssh format, but not vice versa. we don't intend to provide support for migrating waway _from_ openssh
That being said - OpenSSH's protocol 2 keys are in a standard PEM format which you can dump out using "openssl rsa -noout -text -in .ssh/id_rsa"
Created attachment 193 [details] A quick hack to export unencrypted private keys I noticed the lack of exporting private keys a few months ago and therefore created the following patch to do the job. Should work for all unencrypted RSA/DSA private keys. I don't care if the patch ever goes to the main source tree, there's still people who probably need the functionality in ssh-keygen, so I might just as well share it.