使用 openssl 將 SSH2 RSA 私鑰轉換為 .pem

當我嘗試將SSH2 RSA基於格式的私鑰轉換為.pem格式時，使用openssl我收到以下錯誤。

[jbadmin@xxxxxxx .ssh2]$ openssl req -x509 -key /home/jbadmin/.ssh2/id_rsa_2048_a -nodes -days 365 -newkey rsa:2048 -out id_rsa_2048_a.pem
unable to load Private Key
139994671441736:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

我的私鑰：

[jbadmin@xxxxxx.ssh2]$ cat id_rsa_2048_a
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
Subject: jbadmin
Comment: "2048-bit rsa, jbadmin@x01bicallapp1a, Tue Dec 29 2015 11:38:\
----------------------------
----------------------------
---- END SSH2 ENCRYPTED PRIVATE KEY ----

請建議我是否有任何其他使用openssl或ssh-keygen-g3 的方法

**EDIT1：**嘗試以下選項，仍然是同樣的問題

[jbadmin@x01bicallapp1a .ssh2]$ openssl rsa -outform PEM -in /home/jbadmin/.ssh2/id_rsa_2048_a -out /home/jbadmin/.ssh2/id_rsa_2048_a.pem
unable to load Private Key
140493432293192:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

**解決方案：**我使用以下命令使其工作

$ ssh-keygen-g3 --key-format openssh2  --import-private-key /home/jbadmin/.ssh2/id_rsa_2048_a /home/jbadmin/.ssh2/id_rsa_2048_a_openssh.pem
Imported private key in /home/jbadmin/.ssh2/id_rsa_2048_a to /home/jbadmin/.ssh2/id_rsa_2048_a_openssh.pem.

ssh-keygen -p可以在 SSH2 和 PEM 格式之間進行轉換：

-m key_format
        Specify a key format for key generation, the -i (import),
        -e (export) conversion options, and the -p change
        passphrase operation.  The latter may be used to convert
        between OpenSSH private key and PEM private key formats.
        The supported key formats are: “RFC4716” (RFC 4716/SSH2
        public or private key), “PKCS8” (PKCS8 public or private
        key) or “PEM” (PEM public key).  By default OpenSSH will
        write newly-generated private keys in its own format, but
        when converting public keys for export the default format
        is “RFC4716”.  Setting a format of “PEM” when generating or
        updating a supported private key type will cause the key to
        be stored in the legacy PEM private key format.

從 SSH2 到 PEM：

ssh-keygen -p -f id_rsa -m PEM

從 PEM 到 SSH2：

ssh-keygen -p -f id_rsa -m SSH2

**警告：**指定的文件被覆蓋並就地更新！

**注意：**雖然ssh-keygen-g3與商業產品相關聯，但ssh-keygen它是更常見的開源對應物。您可以在您的系統上免費獲得它，它適用於 Linux、Windows、FreeBSD 和 PASE 等。如果您願意，您可以在具有它的系統上執行轉換：SSH2/PEM 密鑰畢竟只是純文字文件，請注意不要將它們遺漏。

引用自：https://unix.stackexchange.com/questions/253102