Display public keys + fingerprints of Dropbear SSH server

by Daniel Böhmer   Last Updated July 12, 2019 02:00 AM

While I normally use OpenSSH I have Dropbear installed on a Debian system to provide a small SSH server for unlocking disk encryption during initramfs boot phase.

Dropbear and OpenSSH have different formats key files. I also don’t want them to share the key pair and not convert Dropbear’s key pair to OpenSSH.

How to just display Dropbear’s public key in the OpenSSH format and/or its fingerprint?



Answers 1


Dropbear uses a binary format for storing the key and has no second file for storing the private key, especially not in a human-readable form.

The program dropbearkey is responsible for key generation but will also display the public key for the binary key file. The -y switch is important for reading the file, not writing it!

$ sudo dropbearkey -y -f /etc/dropbear/dropbear_ecdsa_host_key
Public key portion is:
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFygHJYm8rXlIrktbgGEcrfkipydP7ZM+mkWwot7lhnrYYuKvwMNE99YyvrKYT8fXnVaemSgOsigJDGAgdfCyJNjgDdNE4AU4RQRY4IN4PinnlMsw2Lv1BY1q+F2IcBBoSb/2OVTc2c5/LRQ7/rbPcqBpU8V3v67CTTULYY7yH1BTfnXQ== [email protected]
Fingerprint: md5 7d:c5:7e:43:a2:07:c3:93:a7:fe:5c:76:60:2e:a0:4c
Daniel Böhmer
Daniel Böhmer
July 12, 2019 01:25 AM

Related Questions


Updated April 11, 2018 23:00 PM

Updated June 21, 2018 02:00 AM

Updated August 02, 2018 20:00 PM

Updated October 10, 2018 16:00 PM

Updated May 18, 2017 11:00 AM