On Thu, 16 May 2024, Anabelle VanDenburgh wrote: > For no particular reason, i'm looking to convert my ed25519 private key to > pem. A user on stackoverflow suggested running `ssh-keygen -p -f > path/to/your/key -m pem` [^1], which errors, printing `do_convert_to_pem: > unsupported key type ED25519`. Looking at the corresponding line in source, it > seems that only RSA, DSA, & ECDSA keys can be converted to pem.[^2] With new > keys defaulting to ED25519 as of [1.471][^3], are there plans to add support > for exporting ed25519 to pem? Nobody has asked before, so it wasn't planned. It will probably be trivial to implement once https://github.com/djmdjm/openssh-wip/pull/27 is merged. BTW if your keys have passphrases then the PEM format is usually weaker than OpenSSH's native private key format. The OpenSSH format uses a KDF (key derivation function) that is considerably more resistant to offline cracking that anything that was available in PEM* -d * at least when I last checked. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
