Convert OpenSSH public key to a PKCS#1 in HEX format with spaces and columns
Solution 1
I spent one night and I found this solution:
OpenSSH public key must be converted to PKCS#1 PEM-encoded public key that is in base64:
ssh-keygen -f id_rsa.pub -e -m pem
Next, use base64 to HEX converter like this: http://tomeko.net/online_tools/base64.php?lang=en
Enter string without begin and end mark
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
to converter and click convert
For example:
You enter this into converter:
MIIBCgKCAQEA12g49WBnLyiIVCIJo1fzI8/LKOTtrXcRvYFZU8AsbhS43FDrHIgeUfh2dvBmbW/bW9KeGUhnfGy3FJyP7ahZVQX0SoX4sW7yZQyZM4dXqs6o4As+0oHe76P/aV+BTZmo3HbeJ7IDCNENDS2TMhdDPdIEwJHKXwlcreetSCKxytDKVj6kG6fde1/IX0R9t7IKPAeO9RYTeo94IUtfDnABvC0swkxSIyc8qs0UWC6WFXRlcq6jSldMATj+3c5mQHKYreFwrUSBEinUBszwjHHLYIdnaAT8Bcj9QFHEwS6ubJGYIpOkY2iQJQpt68T7NGyQxiJ1hIGJU503O4RJleLV9wIDAQAB
And you get this:
3082010A0282010100D76838F560672F2888542209A357F323CFCB28E4EDAD7711BD815953C02C6E14B8DC50EB1C881E51F87676F0666D6FDB5BD29E1948677C6CB7149C8FEDA8595505F45F85F8B16EF2650C99338757AACEA8E00B3ED281DEEFA3FF695F814D99A8DC76DE27B20308D12D0D2D939617433DD204C091CA5F095CADE7AD4822B1CAE0CA563EA41BA7DD7B5FC85F447DB7B20A3C078EF516137A8F78214B5F0E7001BC2D2CC2439223273CAACD14582E9615746572AEA34A574C0138FEDDCE66407298ADE170AD44811229D406CCF08C71CB6087676804FC05C8FD4051C4C2AEAE6C91982293A4636890250A6DEBC4FB346C90C62275848349539D373B844978E2D7F70203010001
For network equipment like Huawei GPON OLT or switches or Juniper you must little edit output to groups of 8 characters in 6 colnums like this: (via text editor add classic spaces and line breaks)
3082010A 02820101 00D76838 F560672F 28885422 09A357F3
23CFCB28 E4EDAD77 11BD8159 53C02C6E 14B8DC50 EB1C881E
51F87676 F0666D6F DB5BD29E 1948677C 6CB7149C 8FEDA859
5505F44A 85F8B36E F2650C99 338757AA CEA8E00B 3ED281DF
EFA3FF69 5F814D99 A8DC76DE 27B20308 D10D0D2D 93961743
3DD204C0 91CA5F09 5CADE7AD 4822B1CA D0CA563E B41BA7DD
7B5FC85F 447DB7B2 0A3C078E F516137A 8F78214B 5F0E7001
BC2D2CC2 43922327 3CAACD14 582E9615 746572AE A34A574C
0138FEDD CE664072 98FAE170 AD448112 29D416CC F08C71CB
60876768 04FC05C8 FD4051C4 C2AEAE6C 91982293 A4636890
250A6DEB C4FB346C 90C62275 84834953 9D373B84 4995E2D7
F7020301 0001
Now you can put this RSA public key in to console, save, assign RSA key to user and you can now login with your SSH private key.
Solution 2
The format is consistent with ASN.1 containing a sequence (30
) of length 0x86 (80 86
) containing an integer (02
) of length 0x80 (81 80
) followed by an integer (02
) of length 1 (01
). This is a plausible RSA public key.
Assuming that the SSH key is in a file id_rsa.pub
, you can convert it to the desired format with
ssh-keygen -f /dev/stdin -e -m PKCS8 -f id_rsa.pub |
openssl pkey -pubin -outform DER |
od -t x1 -An -w4 |
tr 'a-f' 'A-F' |
tr -d ' ' |
fmt -w 54
(Why so complicated? Because.)
Related videos on Youtube
Oldřich Švéda
Updated on September 18, 2022Comments
-
Oldřich Švéda over 1 year
I have SSH public key (generated on my Mac) in OpenSSH format like this:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXaDj1YGcvKIhUIgmjV/Mjz8so5O2tdxG9gVlTwCxuFLjcUOsciB5R+hZ28GZtb9tb0p4ZSGd8bLcUnI/tqFlVBfRKhfixbvJlDJkzh1eqzqjgCz7Sgd7vo/9pX4FNmajcdt4nsgMI0Q0NLZOWF0M90gTAkcpfCVyt561IIrHK0MpWPqQbp917X8hfRH23sgo8B471FhN6j3ghS18OcAG8LSzCQ5IjJzyqzRRYLpYVdGVyrqNKV0wBOP7dzmZAcpit4XCtRIESKdQGzPCMcctgh2doBPwFyP1AUcTCrq5skZgik6RjaJAlCm3rxPs0bJDGInWEg0lTnTc7hEmV4tf3 nameofthekey
And I need to convert to PKCS#1 in HEX with this formatting:
30818602 8180E6B0 25E45C19 54F3DBAD D41C79BF 2054F2C9 33775177 6F60F3B0 9654B03D 02A6A30F B04A5D59 E9BA7846 32059FB6 1157F39B 2C60C890 9B92EFA6 CD566AE2 41621AEB 7BC30538 7065BD5A E3D2380E F1ABF4BF A8EFB0C9 E9BB06E0 8A060E0E 2022047C 009BA3F6 47257E1B B3498941 3C1281BA C5D64786 377B7426 2B5AA315 41C70201 25
and put in in my Huawei OLT terminal for SSH RSA key access.
Thank you.
-
Oldřich Švéda over 7 yearsNot succesfull.See this screenshot from console: prntscr.com/dpdu9n
-
phk over 7 years@OldřichŠvéda Is the expected output in your question supposed to be the output for the input you presented there?
-
Oldřich Švéda over 7 yearsI'm not sure if I understand your question correctly. Expected output in my question is target output format for my input in question. But this output is example from user manual. See this screenshot from another manual. prntscr.com/dphc2l
-
phk over 7 yearsBut this is the same as for Gilles' answer… expect for the casing! :O
-
phk over 7 yearsGilles' answer changed by simply adding
| tr 'a-f' 'A-F'
in order to convert the output to upper case:ssh-keygen -f /dev/stdin -e -m PKCS8 -f id_rsa.pub | openssl pkey -pubin -outform DER | od -t x1 -An -w4 | tr 'a-f' 'A-F' | tr -d ' ' | fmt -w 54
. -
Oldřich Švéda over 7 years@phk Gilles' output of
ssh-keygen -f /dev/stdin -e -m PKCS8 -f id_rsa.pub
is not same as output ofssh-keygen -f id_rsa.pub -e -m pem