Graham Watts

(he/him) IT geek - DevOps Engineer - Rescue dog and cat dad - Sometime runner and cyclist.

less than 1 minute read

Splitting PEM SSH Keys

Services such as Amazon AWS provide SSH keys as PEM (.pem) files. While this can be consumed by the ssh command they do not always work well with ssh-add and ssh-agents.

User OpenSSL to reformat and split a PEM key

  1. Convert the PEM file

     openssl pkey < *pem_file*.pem > *exported_key*

    Example

     openssl pkey < demo.pem > demo

  2. Export public key

     openssl rsa -in *exported_key* -pubout > *public_key*.pub

    Example

     openssl rsa -in demo -pubout > demo.pub

  3. Permissions

    Remember to set permissions on private key to 400

     chmod 600 *exported_key*

    Example

     chmod 600 demo

  4. Apply a passphrase

    Secure the key with a passphrase

     ssh-keygen -p -f *exported_key*

    Example

     ssh-keygen -p -f demo
 Enter new passphrase (empty for no passphrase):
 Enter same passphrase again:
 Your identification has been saved with the new passphrase.

Updated:

You May Also Enjoy

Lock Files in bash

5 minute read

Using lock files to manage access to resources or process execution in bash