SSH key pairs can be in SSH2 or OpenSSH file format. When you add your public SSH key to the server's authorized_keys file, for example, you need to use an OpenSSH-formatted public SSH key.
Therefore, you need to convert your public key to OpenSSH format if your key is in SSH2 format, or you won't be able to use the public-key authentication method.
Using ssh-keygen, you can convert the private and public key files between SSH2 and OpenSSH format. ssh-keygen is normally installed by default in Linux, macOS, or Windows 11.
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa Your public key has been saved in /home/user/.ssh/id_rsa.pub The key fingerprint is: SHA256:56nQo6Shxw4+vcezLKSr8wXYDpNTFxMO8J70yg8gelk user@host The key's randomart image is: +---[RSA 3072]----+ |... +. | | . o o | | + o | | B + | |O = E S . | |oB =. . o . | |. O=o.o o o | |.oo*==+o o | |.+===++o. | +----[SHA256]-----+
Related: How to generate SSH key pairs
ssh-keygen by creates a key pair in OpenSSH format by default.
$ ls ~/.ssh/id_rsa.pub /home/user/.ssh/id_rsa.pub
Public key file normally assigned .pub extension and no extension for the private key.
$ file ~/.ssh/id_rsa.pub /home/user/.ssh/id_rsa.pub: OpenSSH RSA public key
$ ssh-keygen -e -f ~/.ssh/id_rsa.pub ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "3072-bit RSA, converted by user@host from OpenSSH" AAAAB3NzaC1yc2EAAAADAQABAAABgQCs3A3PQIlEFoBiLcor8Fbkd3ayfwyQS5elrUVsKK rD1lbuHfVscRGIidnrCnG9Fk9R0ZIr8/L8BCdLo2CYbQ6NQl8qaxJgnVNtzWD/akUEpChu +hOpnWDYgwNih1i/4FZ+gfYwWkGhwZJ5qYTNYNp3shbAByGSHLU0PEmP2j/Thlkl2uroVl q3BEYCKj3StB2gz/oOoDQmk3pL3IEKr19+E2jt2h2my0Rx4NLchq3posOQs23JzSJNa12U 8Ws4qWjUL8JIl94RBlWV6j1H/krP3SddalmSvzRb+KU6aqvJqorKdZUcurFm1bV/ooteE+ 3WMVTc+N4570qc8szfd6T0nCZ7R3dY2c/xsukGQpYcus5c89+1WO0G5892/u8+MgPMpQ1P 2+kgDxS+vjDQduzgAFlkmngvktzSucSHka6s42CZye2gvLuLR6mhW+bp3jIR0SqBbUlvy1 Dxj88bMbSoZ6IFQ7yNnYS2Dc1oze93otKN+9Azx2C6WBDUqVf/7P8= ---- END SSH2 PUBLIC KEY ----
-e -- export key to SECSH file format
$ ssh-keygen -e -f ~/.ssh/id_rsa.pub > id_rsa_ssh2.pub
$ ssh-keygen -i -f id_rsa_ssh2.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCs3A3PQIlEFoBiLcor8Fbkd3ayfwyQS5elrUVsKKrD1lbuHfVscRGIidnrCnG9Fk9R0ZIr8/L8BCdLo2CYbQ6NQl8qaxJgnVNtzWD/akUEpChu+hOpnWDYgwNih1i/4FZ+gfYwWkGhwZJ5qYTNYNp3shbAByGSHLU0PEmP2j/Thlkl2uroVlq3BEYCKj3StB2gz/oOoDQmk3pL3IEKr19+E2jt2h2my0Rx4NLchq3posOQs23JzSJNa12U8Ws4qWjUL8JIl94RBlWV6j1H/krP3SddalmSvzRb+KU6aqvJqorKdZUcurFm1bV/ooteE+3WMVTc+N4570qc8szfd6T0nCZ7R3dY2c/xsukGQpYcus5c89+1WO0G5892/u8+MgPMpQ1P2+kgDxS+vjDQduzgAFlkmngvktzSucSHka6s42CZye2gvLuLR6mhW+bp3jIR0SqBbUlvy1Dxj88bMbSoZ6IFQ7yNnYS2Dc1oze93otKN+9Azx2C6WBDUqVf/7P8=
-i -- import key to OpenSSH format
$ ssh-keygen -i -f id_rsa_ssh2.pub > id_rsa_openssh.pub
$ file id_rsa_openssh.pub id_rsa_openssh.pub: OpenSSH RSA public key
Comment anonymously. Login not required.