User profile for user: bizmate
bizmate Author
User level: Level 1
11 points

high sierra upgrade breaks ssh keys usage

Before upgrading I could use id_rsa ssh keys without problems. As soon as I upgraded i cannot get my key to work anymore as it complaints about the format.


Load key "/Users/username/.ssh/id_rsa.pub": invalid format

I have read instructions at http://rosslawley.co.uk/key_load_public/

and

https://medium.freecodecamp.org/upgrading-to-macos-sierra-will-break-your-ssh-ke ys-and-lock-you-out-of-your-own-servers-…

So i have regenerated the pub key from my private key

mv ~/.ssh/id_rsa.pub ~/.ssh/id_rsa.pub_old && ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub && chmod 600 ~/.ssh/id_rsa.pub

I am still getting the invalid format error. From the article above i read that mac os now also forces 2048 SHA256 so i checked this

$ ssh-keygen -l -f ~/.ssh/id_rsa.pub

2048 SHA256:qESRzqt554JG9vC7eZAQ/ybEe1jReep9vJl7JkwW+D4 no comment (RSA)

and indeed my key is already in this format as you can see above. How do i fix this? Thanks High Sierra :/

MacBook Air, macOS High Sierra (10.13.1)

Posted on Nov 17, 2017 8:22 AM

Reply
1 reply
User profile for user: cloudwrk
cloudwrk
User level: Level 1
4 points

Dec 9, 2017 3:00 AM in response to bizmate

As of the High Sierra 10.13.2 update released in 6th Dec'17, you have to use the id_rsa file that contains the private key and not the id_rsa.pub public key file.


Had the same issue, used the private file instead in ssh command to fix it.


$ ssh -I ~/.ssh/id_rsa.pub remote_server >>> Load key "xxx/.ssh/id_rsa.pub": invalid format

$ ssh -I ~/.ssh/id_rsa remote_server

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

high sierra upgrade breaks ssh keys usage

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up