
macOS defaulting to OpenSSH Private Key instead of RSA Private Key causing Unable to load Private Key pem_lib.c Expecting ANY PRIVATE KEY #13

Open
espoelstra opened this issue Sep 11, 2020 · 0 comments


macOS may generate SSH private keys as BEGIN OPENSSH PRIVATE KEY instead of BEGIN RSA PRIVATE KEY, requiring conversion before they can be used for decrypting the EC2 data.

FEATURE_REQUEST
It would be great if someone could add a detection of the OpenSSH private key format and either warn the user with a link to this issue or a section of the README or offer to help them resolve it by giving them the copy/backup commands and the in-place conversion of their key.

Confirm this is your issue

If you think you have this issue or see error messages similar to those below, run head -1 ~/.ssh/id_rsa. If you see BEGIN OPENSSH PRIVATE KEY, you can jump to the fix/workaround below. If you see BEGIN RSA PRIVATE KEY, it is more likely that you have forgotten your passphrase or typed it wrong, or you may have multiple keys in your ~/.ssh folder and are using the wrong one.

LibreSSL error

unable to load Private Key
4468076140:error:09FFF06C:PEM routines:CRYPTO_internal:no start line:/AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-47.140.1/libressl-2.8/crypto/pem/pem_lib.c:684:Expecting: ANY PRIVATE KEY

OpenSSL 1.1 error

unable to load Private Key
4639202752:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY

After finally noticing this when trying to use iconv to attempt to convert from UTF-8 to ASCII or vice versa, I was able to find some references to the BEGIN OPENSSH PRIVATE KEY issue.

Fixing the issue

The fix turned out to be pretty straightforward: you just need to convert from the OpenSSH format back to the RSA format.

Copy the file to a backup rather than just moving it, in case something goes wrong or in case we want to use a different passphrase for the converted file, since we'll convert/update id_rsa in place.

cp ~/.ssh/id_rsa ~/.ssh/id_rsa_openssh

This command will prompt you for the existing passphrase and then a new one. You can use the same one again, as it only controls access to (decryption of) the secret key; it does NOT affect the contents of the key itself (which is what anyone using your public key has encrypted the data against).

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

Now you should be able to actually perform any of the decryption methods with this key.
You can verify it is in the correct format by running head -1 ~/.ssh/id_rsa and looking for the BEGIN RSA PRIVATE KEY line.

If you also want to convert your public key from the ssh-rsa base64-encoded version to a PEM/RSA PUBLIC KEY format, you can use a command like the one below. You might need to do this if you are uploading a key to a service/site that only understands the RSA PUBLIC KEY format and not the OpenSSH one, something like AWS OpsWorks, though I'm sure they have supported the OpenSSH style for a while.

This will prompt you for the passphrase of your private key to get the correct output for your public key, and specifying PEM will produce the RSA PUBLIC KEY style output.

ssh-keygen -f ~/.ssh/id_rsa -e -m PEM > ~/.ssh/id_rsa.pem

This conversion is documented in man ssh-keygen under the -m argument.

-m key_format
Specify a key format for key generation, the -i (import), -e (export) conversion options, and the -p change passphrase operation. The latter may be used to convert between OpenSSH private key and PEM private key formats. The supported key formats are: "RFC4716" (RFC 4716/SSH2 public or private key), "PKCS8" (PKCS8 public or private key) or "PEM" (PEM public key). By default OpenSSH will write newly-generated private keys in its own format, but when converting public keys for export the default format is "RFC4716". Setting a format of "PEM" when generating or updating a supported private key type will cause the key to be stored in the legacy PEM private key format.

Note:
The latter (meaning -p) may be used to convert between OpenSSH private key and PEM private key formats.
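As an added example (not code from the issue author or the project it was filed against), here is a POSIX shell check that implements the detection the feature request asks for: it reads the first line of a key file, classifies the PEM header, and prints the backup-and-convert commands from above when it finds the OpenSSH format. The function names, labels and exit codes are my own choices, and the sample key file at the bottom is a constructed placeholder, not a real key.

```shell
#!/bin/sh
# Added example: detect the OpenSSH private key format before handing a key
# to OpenSSL/LibreSSL, which only accepts the legacy PEM/PKCS8 encodings.
# Hypothetical helper names: classify_key_header, check_private_key.

# Map the first line of a key file to a short format label.
classify_key_header() {
  case "$1" in
    "-----BEGIN OPENSSH PRIVATE KEY-----")    echo openssh ;;
    "-----BEGIN RSA PRIVATE KEY-----")        echo rsa-pem ;;
    "-----BEGIN PRIVATE KEY-----"|"-----BEGIN ENCRYPTED PRIVATE KEY-----") echo pkcs8 ;;
    "-----BEGIN "*" PRIVATE KEY-----")        echo other-pem ;;
    *)                                        echo unknown ;;
  esac
}

# Inspect a key file and explain what to do with it.
# Exit status: 0 = OpenSSL can load it, 2 = needs conversion, 3 = unusable.
check_private_key() {
  key="$1"
  [ -r "$key" ] || { echo "cannot read $key" >&2; return 3; }
  header=$(head -n 1 "$key" | tr -d '\r')   # tolerate CRLF line endings
  fmt=$(classify_key_header "$header")
  case "$fmt" in
    openssh)
      echo "$key is in OpenSSH format; OpenSSL will report 'Expecting: ANY PRIVATE KEY'."
      echo "Back it up, then convert in place (same passphrase is fine):"
      echo "  cp $key ${key}_openssh"
      echo "  ssh-keygen -p -m PEM -f $key"
      return 2 ;;
    rsa-pem|pkcs8|other-pem)
      echo "$key is $fmt; no conversion needed."
      return 0 ;;
    *)
      echo "$key: unrecognized first line '$header'; is this really a private key?" >&2
      return 3 ;;
  esac
}

# Demo on a constructed placeholder file (only the header matters here).
sample=$(mktemp)
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' \
  'constructed-placeholder-body' '-----END OPENSSH PRIVATE KEY-----' > "$sample"
check_private_key "$sample" || echo "(exit status $?)"
rm -f "$sample"
```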
