Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Extracting a Private key from a keystore?

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Extracting a Private key from a keystore?
# 1  
Old 02-11-2011
Extracting a Private key from a keystore?
Hi everyone!
I know you can extract public keys from a keystore using the keytool command.

But what is the process to extract a private key from a jks keystore and import into another jks keystore using keytool?

Any guidance would be greatly appreciated! I can't seem to find anything, I do see some items using a PEM format, but do I need to export into that format first? (and is that with openssl?)

Thanks so much,
I was hoping I could export a privatekey to import into another keystore but it seems as though the keytool command does not have this fuctionality.

Any help would be fantastic!
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Private and public key encryption

Hi, we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have? encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies

2. OS X (Apple)

Using a private key with SSH in terminal

Before you get the wrong idea, I am not looking for how to generate one. I have a key from a server admin but I can't figure out how to use it in OS X. I have the key, the address and everything I should need but there doesn't seem to be a step by step on how to install the key and use it in... (4 Replies)
Discussion started by: kylebellamy
4 Replies

3. UNIX for Dummies Questions & Answers

Public and Private Key generation for scp

Hi, What tool is used to generate public and private keys for SCP? Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP? Thanks, (9 Replies)
Discussion started by: Astrocloud
9 Replies

4. Shell Programming and Scripting

Private Key

I have two types of files pubring.pkr secring.skr secring.skr is encrypted and not able to read. How can i read secring.skr in text format after decrypting ? is there any way of decrypting this file? Unix HP - UX Version. (4 Replies)
Discussion started by: airesh
4 Replies

5. Red Hat

ssh private key passwordless authentication

Hello, Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall: here is the sincerio I have two servers, sever1 with a user "user1" and servera with usera here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies

6. UNIX for Dummies Questions & Answers

Secure private key

Hello all, We have unix environment and we would like to use ssh public and private key to move between server using ssh. I do know how to test this and have it up and running on some sandbox...but my question is how would one secure the PRIVATE KEY....we are not using a passphrase...and i know... (1 Reply)
Discussion started by: abdul.irfan2
1 Replies

7. UNIX for Advanced & Expert Users

SSH connectivity between two machines with private key

Hi I have two machines Mac1 and Mac2 logging in with same user id and same private key. can anyone let me know how to connect these two machine using ssh . or SCP files to other machine :wall: (1 Reply)
Discussion started by: madankumar
1 Replies

8. Solaris

Multiple private key to be uploaded

I would like to ask if you have a procedure on how to upload multiple private key for multiple users in solaris? I was only able to add one but when I tried to add several key, it fails. example: a. user1: user1.ppk b. user2: user2.ppk Each with different password on the server. Pls advise (6 Replies)
Discussion started by: lhareigh890
6 Replies

9. Shell Programming and Scripting

Rename .pub and private key

I wish to generate a id_dsa.pub and id_dsa (Public and Private Key) in a common user group. I have checked the .ssh directory and i have already found id_dsa.pub and id_dsa existing. Is that OK if i create both the keys in my home direcotry, rename it to jjj.pub and jjj and move to Common user... (1 Reply)
Discussion started by: vasuarjula
1 Replies

10. Programming

Passphrase protection of private key

Hi all, I have written a Java program to generate RSA public and private keys. I am writing the keys to a file and reading from it when required to encryption or decryption. I want to protect the private key file using a passphrase. Can anyone tell me how to do it? :( Thanks. (2 Replies)
Discussion started by: Treasa
2 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

qcatool2

QCATOOL(1)						Qt Cryptographic Architecture (QCA)						QCATOOL(1)

NAME

       qcatool - command line tool for the Qt Cryptographic Architecture

DESCRIPTION

       qcatool	is  a  command line tool for performing various cryptographic operations with the Qt Cryptographic Architecture (QCA). qcatool can
       also be used for testing and debugging QCA.

USAGE

       qcatool has a range of options and commands. You only ever get to use one command, but you may use several, one or no options.

OPTIONS

       As noted above, these are all optional, and may be combined.

       --pass=PASSWORD
	      Specify the password to use. This is probably a bad idea except for testing, because anyone can read the arguments to a command line
	      application.

       --newpass=PASSWORD
	      Specify  the  new password to use for password change with the key changepass and keybundle changepass commands.	This is probably a
	      bad idea except for testing, because anyone can read the arguments to a command line application.

       --nonroots=CERTIFICATES
	      Specify additional certificates, not trusted, but which may be used in the trust path if appropriate trust can be established.

       --roots=CERTIFICATES
	      Specify additional certificates which can be used as trusted (root) certificates.

       --nosys
	      Disable use of the standard root certificates that are provided by the operating system.

       --noprompt
	      Disable prompting for passwords/passphrases. If you do not provide the passphrase on the command line  (with  --pass  or	--newpass)
	      this will cause qcatool to abort the command if a password/passphrase is required.

       --ordered
	      If  outputting  certificate  information	fields (Distinguished Name and Subject Alternative Name), show them in same the order that
	      they are present in the certificate rather than in a friendly sorted order.

       --debug
	      Enable additional output to aid debugging.

       --log-file=FILENAME
	      Log to the specified file.

       --log-level=LEVEL
	      Log at the specified level. The log level can be between 0 (none) and 8 (most).

       --nobundle
	      When S/MIME signing, do not bundle the signer's certificate chain inside the signature.  This results in a smaller signature output,
	      but requires the recipient to have all of the necessary certificates in order to verify it.

COMMANDS

       help, --help, -h
	      Output usage (help) information.

       version, --version, -v
	      Output version information.

       plugins
	      List available plugins. Use the --debug option to get more information on plugins which are found and which ones actually loaded.

       config save [provider]
	      Save provider configuration. Use this to have the provider's default configuration written to persistent storage, which you can then
	      edit by hand.

       config edit [provider]
	      Edit provider configuration. The changes are written to persistent storage.

       key make rsa|dsa [bits]
	      Create a key pair

       key changepass [K]
	      Add/change/remove passphrase of a key

       cert makereq [K]
	      Create certificate request (CSR)

       cert makeself [K]
	      Create self-signed certificate

       cert makereqadv [K]
	      Advanced version of 'makereq'

       cert makeselfadv [K]
	      Advanced version of 'makeself'

       cert validate [C]
	      Validate certificate

       keybundle make [K] [C]
	      Create a keybundle

       keybundle extract [X]
	      Extract certificate(s) and key

       keybundle changepass [X]
	      Change passphrase of a keybundle

       keystore list-stores
	      List all available keystores

       keystore list [storeName]
	      List content of a keystore

       keystore monitor
	      Monitor for keystore availability

       keystore export [E]
	      Export a keystore entry's content

       keystore exportref [E]
	      Export a keystore entry reference

       keystore addkb [storeName] [cert.p12]
	      Add a keybundle into a keystore

       keystore addpgp [storeName] [key.asc]
	      Add a PGP key into a keystore

       keystore remove [E]
	      Remove an object from a keystore

       show cert [C]
	      Examine a certificate

       show req [req.pem]
	      Examine a certificate request (CSR)

       show crl [crl.pem]
	      Examine a certificate revocation list

       show kb [X]
	      Examine a keybundle

       show pgp [P|S]
	      Examine a PGP key

       message sign pgp|pgpdetach|smime [X|S]
	      Sign a message

       message encrypt pgp|smime [C|P]
	      Encrypt a message

       message signencrypt [S] [P]
	      PGP sign & encrypt a message

       message verify pgp|smime
	      Verify a message

       message decrypt pgp|smime ((X) ...)
	      Decrypt a message (S/MIME needs X)

       message exportcerts
	      Export certs from S/MIME message

ARGUMENTS

       The arguments to the commands are as follows.

       K = private key.

       C = certificate.

       X = key bundle.

       P = PGP public key.

       S = PGP secret key.

       E = generic entry.

       These must be identified by either a filename or a keystore reference ("store:obj").

AUTHOR

       qcatool was written by Justin Karneges as part of QCA. This manual page was written by Brad Hards.

qcatool 1.0.0							    August 2007 							QCATOOL(1)