SSH -=- OpenSSH ------- To generate an OpenSSH sshv2 key $ ssh-keygen -t dsa -f newkey Generating public/private dsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in newkey. Your public key has been saved in newkey.pub. The key fingerprint is: c6:db:3a:ff:4c:79:a7:d8:cb:be:82:e8:9d:db:8c:e9 brad@eta To export to ssh.com $ ssh-keygen -e -f newkey.pub ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "1024-bit DSA, converted from OpenSSH by brad@eta" AAAAB3NzaC1kc3MAAACBAJ7QKkrLoOE9TNPVmKVedk1GAr/S+Cruq3/GtjRnxvJqbBbfne lWYUC+vbHc5a+7bgRsQfCgoCeGKH5wGD4CDWQMhy2XYomnGf1gUC86Hq77/Noqa02N441E FSTIEoNlU2aYi8zwVQKlgP6e22mG9sK7zSaGX639ctaigHuST8qPAAAAFQC2az8dfxHkkD ZAEw+RcvRn3cpXFQAAAIEAgYpPs6d+Kyw37ZaBarlMEaZoEfrxhUZ44SN+KoqBZYpSVwyH J+/RB0zVUizXCmZ5RhYSsYZ57Iixx1bBmBxogaEh5d7xxUpg/9Xctf94Jsf7vxccjZ4XYA RrVikq/0L9fuKOmo4ET9iAf+GL7w2u5gzxxZr+xX5jw/A7907lOCwAAACAMoHHk0o1XkG+ yeaPtuwbrHshGqTjpOUkJ/AYuQ8OBuVAOdqse1di9JpeHko26G0zoH3N+nDHMGdYYTNHzR NYRd2q20ztcAP52crZo1rtpNdvs6c+RTEIgoP3oYh1e1+rg70tWKIW3R/NYB39CESHoyqs AJ7vzOPm0iUOd36YECY= ---- END SSH2 PUBLIC KEY ---- ssh.com ------- To generate a key: $ ssh-keygen Generating 2048-bit dsa key pair 1 oOo.oO Key generated. 2048-bit dsa, marshalb@obelix.cqu.edu.au, Tue Jul 15 2003 13:53:34 +1000 Passphrase : Again : Private key saved to /usr/users/staff/m/marshalb/.ssh2/id_dsa_2048_b Public key saved to /usr/users/staff/m/marshalb/.ssh2/id_dsa_2048_b.pub To convert from ssh.com to OpenSSH (using OpenSSH ssh-keygen): $ ssh-keygen -i -f id_dsa_2048_b.pub ssh-dss AAAAB3NzaC1kc3MAAAEBAKueha6mfr5OUcscc88lmQUBBgYSZ08htHFaYzke2N 5WG6ql1NgwQsyY2mMRxvvGckBeInx2GvRlz1+izDs5p4UGhkMzG8qOoT2y2vLwTFQyxi4I XET1e0E8VYC0dcLfs5Zg6RxEY7GA5FiydS6dceuPnLJgCYDfyb9Qbk4rVEvREODo8dV/KR lZxecEgaeKOO7ZnEzaIVPRCVb6U6EaRtZvxKfGnNFI957AfZ+Hqevz1IeQNDCp00EmaNli 8Ow4rjOPlH7o818r35Ea8mMoV0hkirNQ25zf/Z1LvCS3649537YDi/SVmMMpGCvT93w/TR vk5RKlwVVy+TH52C8/MKEAAAAVAOuDCV61LvfKz0bd8hYEJ/gGof9XAAABAQCFRhlpWtVO hTxcWcrnZp9EbbVRZO16St5TPjL86khb7b/VjScOAgt0tslHwtEEQzImv1xRkk6ZQ1o9pv Azb1fMZrZMGIy9zUXvL0v6LNXxCxN9YIjx14OXYfH8EIQDZJGRJoxHvEvUVjv3lHnTuxbd Krcbagvakxvgjq1wVyEueilO+g+WhJm+Q+XIYRl0TK9qtsAVFmzxBxT5USZFJ+1kbG7ipp fFSGWRd3KPUCVQ8iGO3IMjtIlfcuGOArbKB06kMlxsdjNjhcEIHtR0jpaEeB2X+HrVScQE oXG4S8YkiIExlIvjhrVr571BTOuO9H5VHt4CtKUxeXxKZWslulYwAAABAHm3zlMsXxPL/H Oq29qf7Lk90b7El+j19E2UkyssfSu6+/k4bFf6ax2n3yEn31S5bUdNvgqmlEjdERc4SkU6 5b5LW2ZI1v7kRoegG+bD2Q21N9Rv/lwS7CTprenKiMMRJ8TU7FMIVT3zEZkV+etC7cbaN+ 09GoiFTt+h7IDmo7onlo64oSMrcc+xt++ZUzENTVBgDoS92jlpnELkyJqZgb1/fdEPT6wR j132yBxWLqDGmbp9msmY1us+XNDY8isF80u9yTTXGTskOtCSaeavDDtPOKN5ZR20sHpIBg t6zd6mm/zKD6OZo14BLSJr7ldwSRzNNYMtkLnNyFSYxAIrm9Y= You can then use the output in authorized_keys file on an openssh box. OpenSSH v2 -> ssh.com v2 ------------------------ On the OpenSSH box, create a DSA key via the following: $ ssh-keygen -t dsa Export the key into ssh.com v2 format: $ ssh-keygen -e -f ~/.ssh/id_dsa.pub > newPubKey Copy the converted ssh key to the ssh.com server $ scp newPubKey server:.ssh2/id_dsa.pub On the server, tell the ssh.com server that the public key is allowed: $ echo "Key id_dsa.pub" >> ~/.ssh2/authorization ssh.com v2 -> OpenSSH v2 ------------------------ On the ssh.com box, generate a DSA key: $ ssh-keygen Copy the generated key to the openssh box: $ scp ~/.ssh2/id_dsa_1024_a.pub server:.ssh Convert the public key to openssh format and append to authorized_keys: $ ssh-keygen -i -f id_dsa_1024_a.pub >> ~/.ssh/authorized_keys On the ssh.com box setup the private key: $ echo "IdKey id_dsa_1024_a" >> ~/.ssh2/identification ssh.com v2 -> ssh.com v2 ------------------------ On the ssh.com client, generate a DSA key: $ ssh-keygen Copy the generated key to the server: $ scp ~/.ssh2/id_dsa_1024_a.pub server:.ssh2 On the server, tell the ssh.com server that the public key is allowed: $ echo "Key id_dsa._1024_a.pub" >> ~/.ssh2/authorization On the ssh.com client setup the private key: $ echo "IdKey id_dsa_1024_a" >> ~/.ssh2/identification OpenSSH v2 -> OpenSSH v2 ------------------------ On the OpenSSH box, create a DSA key via the following: $ ssh-keygen -t dsa Copy the ssh key to the server $ scp ~/.ssh/id_dsa.pub server:.ssh/id_dsa.pub Add the key to the authorized_keys file on the server $ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys