SFTP Gateway Support

3.0

Convert SSH2 Public Key to OpenSSH format

 

Discover the simple, secure, and affordable way to give SFTP users access to cloud storage locations. Get a 30-day free trial of SFTP Gateway. No credit card or commitment is required.

Overview

An SFTP user provides you with a public key, but they are not able to log in.

There can be a number of reasons for this. But one possibility is that the public key provided is in the wrong format (i.e. SSH2 format).

This article shows you how to convert the SSH2 formatted public key to the OpenSSH format that SFTP Gateway expects.

Inspect the existing public key

To view the public key of an existing SFTP user, do the following:

  1. SSH into the server.

  2. Run the commands:

sudo su
sshldap robtest

(Replace robtest with the actual username.)

You should something like this:

ssh-rsa AAAAB3NzaC1yc2...PJtaZWNuT5BJa8GhnzX09g6nhbk= robtest.key

The above example is a public key in the OpenSSH format, which is what SFTP Gateway expects.

If you see the words BEGIN SSH2 PUBLIC KEY, this is an SSH2 formatted public key, and this needs to be corrected.

An SSH2 formatted public key looks something like this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20200402"
AAAAB3NzaC1yc2EAAAABJQAAAgEAiL0jjDdFqK/kYThqKt7THrjABTPWvXmB3URI
.
.
.
AEQwc1bG+Z/Gc1Fd8DncgxyhKSQzLsfWroTnIn8wsnmhPJtaZWNuT5BJa8GhnzX0
9g6nhbk=
---- END SSH2 PUBLIC KEY ----

The sshldap command will remove the line-breaks and show all the text on a singe line.

Convert the public key format from SSH2 to OpenSSH

Try to find the original SSH2 public key that was provided from the user.

Otherwise, use the sshldap command to output the SSH2 public key. You may need to manually insert line-breaks at the appropriate places.

Save the SSH2 public key to a file (e.g. ssh2.pub).

Then, run the following command:

ssh-keygen -i -f ssh2.pub

This takes the SSH2 formatted public key, and outputs an OpenSSH public key. For more information, see https://tutorialinux.com/convert-ssh2-openssh/

At this point, you can set the public key on the SFTP user:

sftpgw.sh update-user --username robtest --pub-ssh "ssh-rsa AAAAB3NzaC1yc2...PJtaZWNuT5BJa8GhnzX09g6nhbk= robtest.key"

Video Reference


Check out our YouTube channel for how-to videos and additional assistance. For even more cloud computing news and tips, connect with us on LinkedIn and Twitter. Don't forget to sign up for your 30-day free trial of SFTP Gateway.

Error: Localhost:636 Connection RefusedNext