Just a quick update to reg2kh – I noticed that under some circumstances OpenSSH requires a hostname AND IP address for a given key – although sometimes this isn’t stored by PuTTY in the registry, so reg2kh now tries to resolve the name automatically, but you can turn it off with
The other day I post about SharpSSH and mentioned that if you want to use strict host checking (i.e. checking the remote server’s public key against a stored version to protect against man-in-the-middle attacks), you need a ready-made known_hosts file. This is all well and good if you use the OpenSSH utilities but not so awesome if you are on Windows and use PuTTY or WinSCP, which store the known hosts in the registry.
There is already a converter that takes your known_hosts and turns it in to some registry entries, but I needed something to work in the other direction, so I wrote reg2kh.
It works for both PuTTY and WinSCP stored keys. I’ve tested only with rsa keys but dss should work, with at most only minor changes.
> python reg2kh.py --winscp
127.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDMskjPhmqsB *snip* AA==
> python reg2kh.py --putty
127.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAAD23ABAAAAf8qHnPq90Adnd+ *snip* bQ==
Not being a Pythonista, surely there will be omissions or quirky bugs, so I await your pull requests!