This may be what I am looking for.
http://www.madboa.com/geek/openssl/#key-rsa On Fri, Aug 31, 2012 at 5:57 PM, Dave Thompson <dthomp...@prinpay.com>wrote: > > From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills > > Sent: Friday, 31 August, 2012 12:39 > > To: openssl-users@openssl.org > > Subject: RE: Creating a SSH Key pair - public and private for > > my Windows 2008 server app so it can communicate with a > > partner sftp site > > > > You can do this with the openssl.exe utility. > > > > I am less than an expert but the doc is here: > > http://www.openssl.org/docs/apps/openssl.html > > > > Take a look at openssl.exe req -newkey > > > Not really. req -newkey creates a keypair AND a CSR. > A CSR is useless for SSH which uses no certificates. > > openssl commandline (which is .exe only on Windows) > can generate a keypair with the traditional per-algorithm > utilities like genrsa and gendsa (or dsaparam -genkey), > or since 1.0.0 with the generic (and extensible) genpkey . > > But in both cases it creates files in OpenSSL-supported > formats which may not be suitable for SSH software. > In particular, the common OpenSSH implementation uses > OpenSSL format for privatekey, but for publickey uses > a format (basically base64 of several bignums) which > OpenSSL doesn't know. The OpenSSH ssh-keygen utility can > create this publickey format, or an RFC interchange format > with PEM wrapper, from the OpenSSL privatekey, but ssh-keygen > can also generate the keypair in the first place avoiding > any explicit use of OpenSSL. Other SSH software I've seen > usually doesn't use OpenSSL formats for either key. > > Usually it's best to use the keygen features of the SSH > program(s). If that isn't available, but some kind of > key-import is, we need to know exactly what format(s) > that key-import accepts. Or on Windows possibly it uses > the MS keystore, in which case the MS utilities (inetcpl > and friends) can read PKCS12 (aka PFX) which OpenSSL > commandline can create (in a second step). But OP still > needs to send his publickey in a format the partner accepts, > and I've never seen any SSH software that accepts OpenSSL > format publickey. They commonly do accept the traditional > and/or RFC format, which could be created with about a page > of C or somewhat less perl; I recall someone posted code for > that in the list a few years ago, if you want to search for it. > > > Charles > > From: owner-openssl-us...@openssl.org > > [mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon > > Sent: Friday, August 31, 2012 1:26 AM > > To: openssl-users@openssl.org > > Subject: Creating a SSH Key pair - public and private for my > > Windows 2008 > > server app so it can communicate with a partner sftp site > > > > I have a Windows 2008 server that runs an application I use > > to transfer > > files to my business partner's site via sftp. > > I need to generate a SSH key pair with openssl and then send > > my partner the > > public key while I keep the private key. > > I don't know how to do this with openssl, can someone help me? > > > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager majord...@openssl.org > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
