OPENSSH Private KEY: Begins with-----BEGIN OPENSSH PRIVATE KEY-----OPENSSH Public KEY simple format:ssh-rsa <base64> [comment]RFC4716: can be generated byssh-keygen -e -f ~/.ssh/id_rsa -m RFC4716, Begins with :---- BEGIN SSH2 PUBLIC KEY ----PKCS8: PKCS8 public or private key. Use the-m PKCS8option ofssh-keygen. Begins with-----BEGIN PUBLIC KEY-----DER: Binary formatPEM: PEM public key. UsePKCS#8(Public Key Cryptography Standards #8) when it's used inopensslcommands.
PKCS8/PKCS1 are specifically for RSA keys.
-lShow fingerprint of specified public key file-cRequests changing the comment in the private and public key files.-eThis option will read a private or public OpenSSH key file and print the key in RFC 4716 SSH Public Key File Format to stdout.-yThis option will read a private OpenSSH format file and print an OpenSSH public key to stdout.
Export the SSH public key in PEM format.
ssh-keygen -e -f ~/.ssh/id_rsa.pub -m PEMnote, the output key is a RSA public key, not a generic public key required for openssl commands like openssl rsautl -pubin
To be more specific, a RSA public key begins with a line like -----BEGIN RSA PUBLIC KEY-----
while a PKCS8 starts with a line like -----BEGIN PUBLIC KEY-----
You'll need to convert it to a generic public key before running those commands, or you'll fail
openssl rsa -in ~/.ssh/pub.pem -RSAPublicKey_in -out -Import an PEM format public key:
ssh-keygen -i -m PEM -f /tmp/pub.pemGenerate a public openssh key from a private key
ssh-keygen -y -f ~/.ssh/id_rsa_1show fingle print of SSH key
ssh-keygen -l -f ~/.ssh/id_rsa.pub