
I am using the JSch library to connect to an SFTP server (Tectia). Since Tectia generates private keys in SSH2 format and the library doesn't accept this format, I expectedly receive

```
Exception in thread "main" com.jcraft.jsch.JSchException: invalid privatekey: [B@372f7a8d
```

When I convert this key to RSA format using PuttyGen, it works OK. My goal now is to avoid converting the key manually and do it using Java instead. All I have is the privateKey file

```
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
key here
---- END SSH2 ENCRYPTED PRIVATE KEY ----
```

and I want to end up with

```
-----BEGIN RSA PRIVATE KEY-----
converted key here
-----END RSA PRIVATE KEY-----
```

Is there any Java library which can do it? Or is there a way to do it at all without putty-gen or open-ssl?

The proposed solution for the question I 'duplicated' is not appropriate in my case; it is for RSA with cert files. I have an ssh2 ciphered (3des-cbc) encrypted private key. I can't even convert it using ssh-keygen (only puttygen, which is not appropriate for me because it needs user interaction with a GUI).

Limmy
  • Note that with "RSA PRIVATE KEY" you're using PKCS#1 formatted keys; that's not directly available in Java, even if you manage to get the `RSAPublicKey` from SSL. – Maarten Bodewes Apr 05 '18 at 00:13
  • You can use [this](https://stackoverflow.com/questions/7611383/generating-rsa-keys-in-pkcs1-format-in-java) to create the PKCS#1 key, including the text (called PEM or ASCII armor). So two steps: parse the SSH2 and create a RSAPublicKey format, and then encode that as PKCS#1 public key. – Maarten Bodewes Apr 05 '18 at 00:17
  • Sorry, I meant "private key" in above two comments. – Maarten Bodewes Apr 05 '18 at 00:19
  • Hello @MaartenBodewes. Both proposed solutions don't work in my case. I can't convert the key using the proposed code because it is not an openssh key, but ssh2. And I can't create an RSAPrivateKey instance having only a file with an ssh2-encrypted private key. – Limmy Apr 13 '18 at 13:39
  • I did something with SSH some time ago, but I cannot remember it and I certainly do not have the time to find out. You could update the question to indicate that that answer isn't appropriate and put SSH2 in the title. Happy to reopen it; if it won't reopen you could delete this one and ask another question. – Maarten Bodewes Apr 13 '18 at 22:04

0 Answers
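
The second step described in the comments (encoding an RSA private key as PKCS#1 with PEM armor) using only the JDK, as an added example that is not part of the original thread. It assumes the key is already available as a Java RSA `PrivateKey` and does not parse or decrypt the SSH2 file; the class and method names are hypothetical.

```java
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.Base64;

// Added example; class and method names are hypothetical.
public class Pkcs1PemExample {
    // Reads a DER length field at pos[0] and advances pos[0] past it.
    static int readLength(byte[] der, int[] pos) {
        int b = der[pos[0]++] & 0xff;
        if (b < 0x80) return b;                       // short form
        int n = b & 0x7f, len = 0;                    // long form: n length bytes follow
        if (n == 0 || n > 3) throw new IllegalArgumentException("unsupported DER length");
        for (int i = 0; i < n; i++) len = (len << 8) | (der[pos[0]++] & 0xff);
        return len;
    }

    // Checks the tag at pos[0]; when skipBody is true, also steps over the element's content.
    static int element(byte[] der, int[] pos, int tag, boolean skipBody) {
        if ((der[pos[0]++] & 0xff) != tag) throw new IllegalArgumentException("unexpected DER tag");
        int len = readLength(der, pos);
        if (skipBody) pos[0] += len;
        return len;
    }

    // PKCS#8 PrivateKeyInfo ::= SEQUENCE { version, algorithm, privateKey OCTET STRING }.
    // For RSA, the OCTET STRING content is the PKCS#1 RSAPrivateKey structure.
    static byte[] pkcs8ToPkcs1(byte[] pkcs8) {
        int[] pos = {0};
        element(pkcs8, pos, 0x30, false);             // outer SEQUENCE: step inside
        element(pkcs8, pos, 0x02, true);              // version INTEGER
        element(pkcs8, pos, 0x30, true);              // AlgorithmIdentifier SEQUENCE
        int len = element(pkcs8, pos, 0x04, false);   // privateKey OCTET STRING
        return Arrays.copyOfRange(pkcs8, pos[0], pos[0] + len);
    }

    static String toPem(byte[] pkcs1) {
        String body = Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(pkcs1);
        return "-----BEGIN RSA PRIVATE KEY-----\n" + body + "\n-----END RSA PRIVATE KEY-----\n";
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: a throwaway key generated only for this demonstration.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        PrivateKey key = gen.generateKeyPair().getPrivate();
        if (!"PKCS#8".equals(key.getFormat())) throw new IllegalStateException("expected PKCS#8");
        System.out.print(toPem(pkcs8ToPkcs1(key.getEncoded())));
    }
}
```

The PEM produced this way is unencrypted, so a real key written to disk in this form needs restrictive file permissions.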