Convert OpenSSH ED25519 Private Key Format to PEM format

Question

I have generated a an ED25519 SSH key pair using

ssh-keygen -t ed25519

The output of the id_ed25519 file is in OpenSSH format:

-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----

I would like to convert it to a PEM file format. If it were an RSA key pair, there would be no need for that as an RSA id_rsa key is already in a PEM file format but the ED25519 key pair is an OpenSSH format.

How can I convert this to a PEM file format?

Answer 1

You can also use Puttygen to convert your ppk to pem.

The steps are these.

1. Importing your ppk private key to Puttygen
2. Choose RSA as the type of key to generate
3. Choose Conversions Menu > Export OpenSSH Key > Save
4. Use the saved file for your ssh tunnel identity file

Answer 2

Use

ssh-keygen -p -f path/to/your/key -m pem 

to convert your key file to PEM, but be sure to make a backup of the file first.

Taking from https://github.com/pickware/github-action-ssh-agent

Answer 3

I think this would work:

openssl pkey -in ed25519.pem -out ed25519.pub -pubout

It does for a private key generated this way:

openssl genpkey -algorithm ed25519 > ed25519.pem

I haven't tested ssh-keygen's private key format explicitly but I would assume that it is using OpenSSL under the hood. If the private key's base64 starts with "MC", then I would say it probably would be compatible.