key_load_public:格式无效 [英] key_load_public: invalid format
问题描述
我使用PuTTY密钥生成器生成带有密码短语的4096位RSA-2密钥.
I used PuTTY Key Generator to generate a 4096 bit RSA-2 key with a passphrase.
我保存.ppk和openSSL格式的公共密钥.油灰格式的公钥无效.
I save the .ppk and an openSSL format public key. The putty format public key doesn't work.
无论如何,我的错误如下:
In any case, my error is as follows:
$ ssh -T git@github.com
key_load_public: invalid format
Enter passphrase for key '/c/Users/Dan/.ssh/id_rsa':
Hi Dan! You've successfully authenticated, but GitHub does not provide shell access.
出什么问题了?
我使用Pageant加载密钥,并使用Git Bash尝试ssh连接.我还将密钥加载到了GitHub,不确定我在做什么错.
I use Pageant to load the keys and i use Git Bash to try the ssh connection. I've also loaded the key into GitHub, not sure what i'm doing wrong.
我尝试添加新行而不在GitHub中添加新行
I've tried adding a new line and not adding a new line in GitHub
推荐答案
在他们的答案中提到的 Roland 警告ssh-agent
无法理解公钥的格式,即使那样,公钥也不会在本地使用.
As Roland mentioned in their answer, it's a warning that the ssh-agent
doesn't understand the format of the public key and even then, the public key will not be used locally.
但是,我也可以详细说明并回答为什么出现警告.简而言之,就是 PuTTY密钥生成器会根据您在程序中执行的操作生成两种不同的公共密钥格式.
However, I can also elaborate and answer why the warning is there. It simply boils down to the fact that the PuTTY Key Generator generates two different public key formats depending on what you do in the program.
注意:在整个说明中,我将使用/生成的密钥文件将被命名为id_rsa
并带有适当的扩展名.此外,为了方便复制粘贴,将假定键的父文件夹为~/.ssh/
.根据需要调整这些细节以适合您的需求.
Note: Throughout my explanation, the key files I will be using/generating will be named id_rsa
with their appropriate extensions. Furthermore, for copy-paste convenience, the parent folder of the keys will be assumed to be ~/.ssh/
. Adjust these details to suit your needs as desired.
当您使用 PuTTY密钥生成器通过保存公共密钥"按钮保存密钥时,它将以 RFC 4716 .
When you save a key using the PuTTY Key Generator using the "Save public key" button, it will be saved in the format defined by RFC 4716.
示例:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "github-example-key"
AAAAB3NzaC1yc2EAAAABJQAAAQEAhl/CNy9wI1GVdiHAJQV0CkHnMEqW7+Si9WYF
i2fSBrsGcmqeb5EwgnhmTcPgtM5ptGBjUZR84nxjZ8SPmnLDiDyHDPIsmwLBHxcp
pY0fhRSGtWL5fT8DGm9EfXaO1QN8c31VU/IkD8niWA6NmHNE1qEqpph3DznVzIm3
oMrongEjGw7sDP48ZTZp2saYVAKEEuGC1YYcQ1g20yESzo7aP70ZeHmQqI9nTyEA
ip3mL20+qHNsHfW8hJAchaUN8CwNQABJaOozYijiIUgdbtSTMRDYPi7fjhgB3bA9
tBjh7cOyuU/c4M4D6o2mAVYdLAWMBkSoLG8Oel6TCcfpO/nElw==
---- END SSH2 PUBLIC KEY ----
OpenSSH
与流行的看法相反,这种格式不会由生成器保存.但是,它已生成并显示在标题为用于粘贴到OpenSSHauthorized_keys文件的公共密钥"的文本框中.要将其保存为文件,必须从文本框中手动复制它,并将其粘贴到新的文本文件中.
OpenSSH
Contrary to popular belief, this format doesn't get saved by the generator. However it is generated and shown in the text box titled "Public key for pasting into OpenSSH authorized_keys file". To save it as a file, you have to manually copy it from the text box and paste it into a new text file.
对于上面显示的密钥,应为:
For the key shown above, this would be:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAhl/CNy9wI1GVdiHAJQV0CkHnMEqW7+Si9WYFi2fSBrsGcmqeb5EwgnhmTcPgtM5ptGBjUZR84nxjZ8SPmnLDiDyHDPIsmwLBHxcppY0fhRSGtWL5fT8DGm9EfXaO1QN8c31VU/IkD8niWA6NmHNE1qEqpph3DznVzIm3oMrongEjGw7sDP48ZTZp2saYVAKEEuGC1YYcQ1g20yESzo7aP70ZeHmQqI9nTyEAip3mL20+qHNsHfW8hJAchaUN8CwNQABJaOozYijiIUgdbtSTMRDYPi7fjhgB3bA9tBjh7cOyuU/c4M4D6o2mAVYdLAWMBkSoLG8Oel6TCcfpO/nElw== github-example-key
密钥的格式仅为ssh-rsa <signature> <comment>
,可以通过重新排列SSH-2格式的文件来创建.
The format of the key is simply ssh-rsa <signature> <comment>
and can be created by rearranging the SSH-2 formatted file.
如果您正在使用ssh-agent
,则可能还可以访问ssh-keygen
.
If you are making use of ssh-agent
, you will likely also have access to ssh-keygen
.
如果拥有OpenSSH专用密钥(id_rsa
文件),则可以使用以下命令生成OpenSSH公用密钥文件:
If you have your OpenSSH Private Key (id_rsa
file), you can generate the OpenSSH Public Key File using:
ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub
如果只有PUTTY私钥(id_rsa.ppk
文件),则需要先进行转换.
If you only have the PUTTY Private Key (id_rsa.ppk
file), you will need to convert it first.
- 打开 PuTTY密钥生成器
- 在菜单栏上,单击文件">加载私钥"
- 选择您的
id_rsa.ppk
文件 - 在菜单栏上,单击转换">导出OpenSSH密钥"
- 将文件另存为
id_rsa
(无扩展名)
- Open the PuTTY Key Generator
- On the menu bar, click "File" > "Load private key"
- Select your
id_rsa.ppk
file - On the menu bar, click "Conversions" > "Export OpenSSH key"
- Save the file as
id_rsa
(without an extension)
现在有了OpenSSH专用密钥,您可以使用上述的ssh-keygen
工具对密钥进行操作.
Now that you have an OpenSSH Private Key, you can use the ssh-keygen
tool as above to perform manipulations on the key.
说实话,我不知道此键的用途,因为我不需要它.但是我多年来整理的笔记中都有它,为了有益于健康,我将在此包括在内.该文件将如下所示:
To be honest, I don't know what this key is used for as I haven't needed it. But I have it in my notes I've collated over the years and I'll include it here for wholesome goodness. The file will look like this:
-----BEGIN RSA PUBLIC KEY-----
MIIBCAKCAQEAhl/CNy9wI1GVdiHAJQV0CkHnMEqW7+Si9WYFi2fSBrsGcmqeb5Ew
gnhmTcPgtM5ptGBjUZR84nxjZ8SPmnLDiDyHDPIsmwLBHxcppY0fhRSGtWL5fT8D
Gm9EfXaO1QN8c31VU/IkD8niWA6NmHNE1qEqpph3DznVzIm3oMrongEjGw7sDP48
ZTZp2saYVAKEEuGC1YYcQ1g20yESzo7aP70ZeHmQqI9nTyEAip3mL20+qHNsHfW8
hJAchaUN8CwNQABJaOozYijiIUgdbtSTMRDYPi7fjhgB3bA9tBjh7cOyuU/c4M4D
6o2mAVYdLAWMBkSoLG8Oel6TCcfpO/nElwIBJQ==
-----END RSA PUBLIC KEY-----
可以使用以下命令使用OpenSSH私有密钥(如上面重新生成公共密钥"中生成的)生成文件:
This file can be generated using an OpenSSH Private Key (as generated in "Regenerating Public Keys" above) using:
ssh-keygen -f ~/.ssh/id_rsa -y -e -m pem > ~/.ssh/id_rsa.pem
或者,您可以通过以下方式使用OpenSSH公钥:
Alternatively, you can use an OpenSSH Public Key using:
ssh-keygen -f ~/.ssh/id_rsa.pub -e -m pem > ~/.ssh/id_rsa.pem
参考文献:
- 在AskUbuntu上"key_load_public:无效格式..."
- 安全Shell(SSH)公钥文件格式
- 转换OpenSSH公钥
- "key_load_public: invalid format..." on AskUbuntu
- The Secure Shell (SSH) Public Key File Format
- Converting OpenSSH public keys
References:
这篇关于key_load_public:格式无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!