OpenSSH fails to parse an SSH key file with "key_load_public: invalid format". Usually caused by PuTTY-format keys, BOM/CRLF corruption, or a wrong key format. Convert or regenerate the key in OpenSSH format to fix it.
OpenSSH relies on strict key file formats. When the SSH client or server attempts to load a public key using the `key_load_public()` function, it validates the file structure against expected formats. If the key file contains unexpected bytes, incorrect line endings, a UTF-8 BOM marker, or uses an incompatible format (such as PuTTY's RFC 4716 format with a `---- BEGIN SSH2 PUBLIC KEY ----` header instead of the single-line OpenSSH format), the parser rejects it with "invalid format". The error can appear as a non-fatal warning (SSH still works because the corresponding private key in the agent or on disk is usable) or as a fatal error (SSH fails), depending on whether a usable key is found through another path.
Check what format your key file is in. The first line should indicate the format:
```bash
head -1 ~/.ssh/id_rsa.pub
```

Expected first lines:
- OpenSSH public key: ssh-rsa AAAAB3NzaC1yc2E... (or ssh-ed25519 AAAA...)
- OpenSSH private key: -----BEGIN OPENSSH PRIVATE KEY-----
- Old PEM private key: -----BEGIN RSA PRIVATE KEY-----
If you see something else, such as ---- BEGIN SSH2 PUBLIC KEY ---- (PuTTY/RFC 4716 format), the key needs to be converted or regenerated into OpenSSH format.
If you still have a valid private key but the public key file is corrupted or missing, regenerate the public key from it:
```bash
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
```

This extracts the public key from your private key in the correct single-line OpenSSH format. The new public key file will start with `ssh-rsa` (or `ssh-ed25519`). If the private key is passphrase-protected, you will be prompted for the passphrase.
If the key was edited on Windows or copied through certain tools, it may have a UTF-8 BOM (an invisible 3-byte sequence at the start of the file). Detect it:
```bash
hexdump -C ~/.ssh/id_rsa.pub | head -1
```

A leading `ef bb bf` indicates a BOM. Strip it with sed:

```bash
sed -i '1s/^\xef\xbb\xbf//' ~/.ssh/id_rsa.pub
```

After removing it, re-check the key and test SSH.
If you transferred the key from Windows, it may have CRLF (\r\n) line endings instead of LF (\n). Convert them:
```bash
# Using dos2unix
dos2unix ~/.ssh/id_rsa ~/.ssh/id_rsa.pub
# Or with sed
sed -i 's/\r$//' ~/.ssh/id_rsa
sed -i 's/\r$//' ~/.ssh/id_rsa.pub
```

Verify with file:

```bash
file ~/.ssh/id_rsa.pub
```

It should report `ASCII text` (or `OpenSSH ... public key`). If it reports `ASCII text, with CRLF line terminators`, the conversion did not take effect.
PuTTY's .ppk files are not in OpenSSH format. Use PuTTYgen (puttygen), the correct tool for converting them. ssh-keygen -i does not read .ppk files — it only imports RFC 4716 / PKCS#8 *public* keys — so do not use it here.
Using puttygen on the command line (Linux/macOS/WSL):
```bash
# Export the private key in OpenSSH format
puttygen id_rsa.ppk -O private-openssh -o ~/.ssh/id_rsa
# Export the matching public key
puttygen id_rsa.ppk -O public-openssh -o ~/.ssh/id_rsa.pub
```

Install puttygen first if needed (`sudo apt install putty-tools` on Debian/Ubuntu, `brew install putty` on macOS).
Using the PuTTYgen GUI (Windows):
1. Open PuTTYgen.
2. Click File -> Load private key and select your .ppk file (enter the passphrase if prompted).
3. Click Conversions -> Export OpenSSH key and save it as id_rsa (no .ppk extension).
4. Copy the contents of the "Public key for pasting into authorized_keys file" box into id_rsa.pub.
After converting, set the correct permissions (see the permissions step) before using the key.
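The format, BOM, CRLF and PuTTY checks above can be combined into one triage helper. This is an added example, not part of the original page; the function name `classify_key` and its output labels are assumptions made for illustration, and `PuTTY-User-Key-File-` is the prefix of the first line of a `.ppk` file.

```bash
#!/usr/bin/env bash
# classify_key FILE (hypothetical helper name): print the byte-level problems
# found in FILE followed by the format indicated by its first line.
classify_key() {
    local f=$1 issues="" skip=1 first fmt
    [ -r "$f" ] || { echo "unreadable"; return 1; }

    # UTF-8 BOM: the file starts with the bytes ef bb bf.
    if [ "$(head -c 3 "$f" | od -An -tx1 | tr -d ' \n')" = "efbbbf" ]; then
        issues="bom "
        skip=4          # classify the text that follows the BOM
    fi

    # CRLF line endings: a carriage return anywhere in the file.
    if LC_ALL=C grep -q "$(printf '\r')" "$f"; then
        issues="${issues}crlf "
    fi

    # First line with BOM and CR removed, so the format is still reported.
    first=$(tail -c +"$skip" "$f" | head -n 1 | tr -d '\r')
    case "$first" in
        "---- BEGIN SSH2 PUBLIC KEY ----")     fmt="rfc4716-public" ;;
        PuTTY-User-Key-File-*)                 fmt="putty-ppk" ;;
        "-----BEGIN OPENSSH PRIVATE KEY-----") fmt="openssh-private" ;;
        "-----BEGIN RSA PRIVATE KEY-----")     fmt="pem-private" ;;
        "ssh-rsa "*|"ssh-ed25519 "*)           fmt="openssh-public" ;;
        *)                                     fmt="unknown" ;;
    esac
    echo "${issues}${fmt}"
}

# Run against a file given on the command line, e.g. ~/.ssh/id_rsa.pub
if [ "$#" -gt 0 ]; then
    classify_key "$1"
fi
```

A result such as `bom crlf openssh-public` means the key data is in the right format but needs the BOM and CRLF fixes; `rfc4716-public` or `putty-ppk` means the file needs conversion rather than byte-level cleanup.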
If a tool rejects your private key because it expects the older PEM format (-----BEGIN RSA PRIVATE KEY-----) rather than the newer OpenSSH format (-----BEGIN OPENSSH PRIVATE KEY-----), convert it in place. ssh-keygen -p changes the on-disk format with the -m flag. The valid values for -m are RFC4716, PKCS8, and PEM.
Convert an existing private key to old PEM format:
```bash
ssh-keygen -p -f ~/.ssh/id_rsa -m PEM
```

You will be prompted for the current passphrase (if any) and a new one; press Enter to keep it unchanged. Make a backup of the key first (`cp ~/.ssh/id_rsa ~/.ssh/id_rsa.bak`) so you can recover if the conversion is not what you wanted.
If instead you need to (re)generate a key directly in PEM format:
```bash
ssh-keygen -t rsa -b 4096 -m PEM -f ~/.ssh/id_rsa
```

Note: generating a new key creates a *different* key pair, so you must re-add the new public key to every server's authorized_keys. Avoid `-N ""` (empty passphrase) for keys that protect real systems; use a passphrase and let ssh-agent cache it.
SSH refuses to use key files with overly permissive modes. Even when the format is correct, wrong permissions can cause failures:
```bash
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
```

Verify:

```bash
ls -la ~/.ssh/
```

The private key should show `-rw-------` (600) and the public key `-rw-r--r--` (644).
After fixing the format, confirm the key parses cleanly:
```bash
ssh-keygen -l -f ~/.ssh/id_rsa.pub
```

This prints the key fingerprint, confirming the file is in a valid format. If it still reports "invalid format", the file is likely truncated or corrupted beyond repair and the key pair should be regenerated:

```bash
# Preferred: Ed25519
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C "you@example.com"
# Or RSA (4096-bit)
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -C "you@example.com"
```

Use a passphrase when prompted. Then add the new public key to each server's `~/.ssh/authorized_keys` (for example with `ssh-copy-id`) and test the connection with `ssh -v` to confirm the key is now offered and accepted.
OpenSSH version differences: OpenSSH 7.8 (2018) changed the default private key format from PEM to the OpenSSH format for better security. Keys generated on a newer system may not be recognized by very old OpenSSH versions, and vice versa. If a format mismatch is the issue, regenerate the public key from the private key with ssh-keygen -y, or convert the private key with ssh-keygen -p -m PEM (valid -m values are RFC4716, PKCS8, PEM).
Ed25519 vs RSA keys: Modern OpenSSH prefers Ed25519 keys for better security and performance. If you have old RSA keys, consider migrating:

```bash
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C "you@example.com"
```
SSH agent and stale keys: If the error appears only when using ssh-agent, the agent may have cached a bad or stale key. Clear it and reload: ssh-add -D then ssh-add ~/.ssh/id_ed25519.
Check key integrity: ssh-keygen -l -f keyfile prints a key's fingerprint. If that command itself fails, the file is corrupted or in an unsupported format and must be converted or regenerated.
Distro-specific issues: Some legacy distributions (CentOS 6, older RHEL) ship very old OpenSSH versions that do not support modern key formats. On such systems, update OpenSSH where possible; only fall back to an older key type (ssh-keygen -t rsa -b 2048 -m PEM) when an upgrade is genuinely not an option, since older defaults are weaker.