SSH Private Key File Format

RazorSQL supports setting up SSH Tunnels and using SFTP for file transfer. Users can authenticate to the SSH server using either a user id and password or a private key file.

The software library RazorSQL uses for SSH communication is the JSCH library. If using a private key file to authenticate, to be supported by JSCH, the private key file needs to be in the openssh classic format.

A private key file that has the following at the top would be an example of the private key file format required by JSCH:

-----BEGIN RSA PRIVATE KEY-----

Below is information on how to generate or convert private key files to the openssh classic format. The first section is for Mac and Linux users. The second section is for Windows users.

Mac and Linux Users

Prior to recent releases of the openssh client available on most Linux and Mac machines, the default format used by openssh's ssh-keygen program was supported by JSCH. However, newer releases of openssh now by default generate the private key file in a format that is not supported by JSCH.

To generate a private key file in a JSCH supportable format using the new openssh client's ssh-keygen tool, use the following command:

ssh-keygen -t rsa -m PEM

To convert an existing private key file to the format required by JSCH, execute the following command:

ssh-keygen -p -f file -m pem -P passphrase -N passphrase

Windows Users

There is a freely available program called Putty that can be installed on Windows machines for SSH communcation. One of the tools Putty provides is the PuttyGen program. This program can be used to generate private key files or convert existing files.

The default format the PuttyGen tool uses is the .ppk format. This format should be supported if you are using a recent version of RazorSQL. The JSCH library does support this format in its more recent releases.

If the private key file is not being accepted by the RazorSQL SSH Tunnel or SFTP tool, PuttyGen can be used to convert the key to the appropriate format. Listed below are the steps needed to convert the key:

Open PuttyGen Click File -> Load private key Go to Conversions -> Export OpenSSH and export your private key