Openssh private key file extension

It cannot be done by the ssh-keygen program even though most man pages say it can. They discourage it so that you will use multiple public keys. The only problem is that RCF will not allow you to register more than one public key. The workaround is to use the puttygen program.

It is availble on the web. Make sure you add a password after it is generated. Save the public key as "puttystyle. The putty program and SSH. We will come back to this, later. You should be able to load both puttystyle keys into the putty program. However, the private key formats for putty and SSH. And some other colleagues have to use them sometimes as well.

Thinking and searching the web about this, I thought maybe someone has already come to a good concept to maintain overview. Can you tell ssh-keygen that it should use different filenames e. So how do you tell a private key from a public key?

I think that mistake inducing via ambiguity with such sensitive information should not be regarded as sound security practice. My bad! Lack of filename convention serves no one.

Firstly, it only allows for people to mistakenly send the private key when they really intended to send the public one. And no, expectation of human perfection, nor fastidious double checking the inside of all keyfiles is NOT a substitute for that major oversight.

Thanks for these suggestion. I don't want spaces in Linux - even if it's no offical policy I don't want to change all keys on all servers, if whatever maybe some sort of security issue happens, so I may don't want to use the same keypair for several servers want to use a keypair for only one purpose purpose could be a user, a service or a task for example The name therefore should contain the following information: Purposal information if it's username or taskname for example The servername, if it's a server specific key The algorithm Is it a private or public key?

A possible name scheme As heavyd mentioned, I think it's really an good idea to stick to the syntax of the ssh-keygen tool. SherylHohman 7 7 silver badges 16 16 bronze badges. Sign up or log in Sign up using Google. Sign up using Facebook. Sign up using Email and Password. Post as a guest Name. Email Required, but never shown.

The Overflow Blog. Stack Gives Back Safety in numbers: crowdsourcing data on nefarious IP addresses. Featured on Meta. New post summary designs on greatest hits now, everywhere else eventually. Related 0. Hot Network Questions. Question feed. There are some other suffixes for outdated crypto standards and perhaps newer ones if this article is really old by the time you read it , but we won't go into those here. The conventions are plentiful and kinda inconsistent.

However, they're mostly used for either HTTPS or application-level cryptography and a couple of common themes have emerged:. Since Let's Encrypt it's become more popular to name the private key privkey. It's not its own thing per say. When you create a Certificate Signing Request CSR , which lists the domains you intend to secure you must supply your private key the tool doing the signing. It will then extract the public key and embed it in the CSR, which is signed, returned to you, and later verified by your web browser against your private key.

Again I'll reference ASN. I don't know what the most common conventions are for these public keys, since they're largely application specific but I like to call mine pubkey.