ssh-keyconvert(1)

NAME

ssh-keyconvert - convert ssh v1 keys and authorization files

SYNOPSIS

ssh-keyconvert [-k] [-o output_file] identity_file ...
ssh-keyconvert [-a] [-o output_file] authorization_file ...

DESCRIPTION

ssh-keyconvert converts RSA public and private keys used for public key based user authentication with protocol version 1 to the format used with protocol version 2.

When using RSA user authentication with SSH protocol version 1, the client uses the private key from $HOME/.ssh/identity to prove its identity to the server. The server grants or denies access based on whether the public part of this key is listed in $HOME/.ssh/authorized_keys.

SSH protocol version 2 supports both DSA and RSA keys, but the way RSA keys are stored is different. On the client, the default file name is .ssh/id_rsa rather than .ssh/identity, and the file's format is different as well. On the server, the public portion of the key can still be stored in .ssh/authorized_keys, but the key notation has changed as well.

Therefore, when switching from protocol version 1 to version 2, you either have to create a new identity key using ssh-keygen(1) and add that key to the server's authorized_keys file, or you need to convert your keys using ssh-keyconvert.

By default, ssh-keyconvert will try to guess the type of file that is to be converted. If it fails to guess correctly, you can tell it what type of conversion to perform by specifying the -k option to convert the private key, or the -a option to convert an authorisation file.

When converting your private keys stored in .ssh/identity, ssh-keyconvert will read the private key, prompting you for the pass phrase if the key is protected by a pass phrase. If the -o option is given, it will write the private key to the specified file, using version 2 syntax. If the key was protected by a pass phrase, it will use the same pass phrase to protect the new file. It will also write the public portion of the key to a second file, using the specified file name with ".pub" appended. If the -o option was not given, private and public key will be written to id_rsa and id_rsa.pub, respectively, relative to the directory of the input key file.

If the destination file already exists, ssh-keyconvert will prompt the user for confirmation before overwriting the file, unless the -f option is given.

When converting your authorized_keys file, ssh-keyconvert will ignore any keys in SSH version 2 format. Any public keys in version 1 format will be converted and appended to the output file using the new syntax. If the -o option is given, keys are appended to the specified file. If it is not given, ssh-keyconvert will append all keys to the input file.

Note that ssh-keyconvert does not check for duplicate keys, so if you run it on .ssh/authorized_keys several times, the converted keys will show up several times.
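
Added example, not part of the original man page and not ssh-keyconvert's own code: a Python sketch of the authorized_keys conversion described above, turning a version 1 entry ("[options] bits exponent modulus [comment]") into a version 2 "ssh-rsa" entry whose base64 blob is string("ssh-rsa"), mpint(e), mpint(n). It goes beyond the tool by skipping keys that are already present in version 2 form; carrying the options field over unchanged is an assumption, and all function names and the sample modulus are constructed for illustration.

```python
import base64
import re
import struct

# v1 entry: [options] bits exponent modulus [comment]; options start with a letter
V1_LINE = re.compile(
    r'^(?:(?P<opts>[A-Za-z](?:[^\s"]|"(?:\\.|[^"\\])*")*)\s+)?'
    r'(?P<bits>\d+)\s+(?P<e>\d+)\s+(?P<n>\d+)(?:\s+(?P<comment>.*))?$')

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used in the v2 key blob."""
    return struct.pack(">I", len(data)) + data

def mpint(value: int) -> bytes:
    """Positive mpint: big-endian, leading zero byte when the top bit is set."""
    return ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))

def v2_blob(e: int, n: int) -> str:
    """Base64 of string("ssh-rsa") || mpint(e) || mpint(n)."""
    return base64.b64encode(ssh_string(b"ssh-rsa") + mpint(e) + mpint(n)).decode()

def convert_authorized_keys(lines):
    """Return v2 lines for the v1 RSA keys in `lines`, each key at most once."""
    seen, out = set(), []
    for line in (l.strip() for l in lines):
        fields = line.split()
        if not fields or line.startswith("#"):
            continue
        if "ssh-rsa" in fields[:-1]:  # already v2: remember it, do not convert
            seen.add(fields[fields.index("ssh-rsa") + 1])
            continue
        m = V1_LINE.match(line)
        if not m:
            continue
        blob = v2_blob(int(m["e"]), int(m["n"]))
        if blob in seen:  # duplicate check that the tool itself does not perform
            continue
        seen.add(blob)
        parts = [m["opts"], "ssh-rsa", blob, m["comment"]]
        out.append(" ".join(p for p in parts if p))
    return out

# Constructed sample: the modulus is an arbitrary 1024-bit number, not a real key
N = 2**1023 + 12345
SAMPLE = [f"1024 65537 {N} alice@old-host"] * 2

if __name__ == "__main__":
    for entry in convert_authorized_keys(SAMPLE):
        print(entry)
```

Because already-converted keys are recognised by their blob, running the function again over a file that contains its own earlier output adds nothing new.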

OPTIONS

-k      Convert private key file(s). The default is to guess the type of file that should be converted.

-a      Convert authorized_keys file(s). The default is to guess the type of file that should be converted.

-o outfile
        Specify the name of the output file. When converting an authorization file, all public keys will be appended to this file. For private key conversion, the private and public components of the key will be stored in outfile and outfile.pub, respectively. Note that since every key must be stored in a separate file, you cannot use this option when you specify several input files.

-f      When converting a key file, and the output file already exists, ssh-keyconvert will ask the user whether to overwrite the file. Using this option forces overwriting.

AUTHORS

OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH. ssh-keyconvert was contributed by Olaf Kirch.

SEE ALSO

ssh(1), ssh-add(1), ssh-agent(1), sshd(8)

J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-secsh-publickeyfile-01.txt, March 2001, work in progress material.

BSD February 2, 2002