
I have a 3072 bit RSA key that I generated for use with SSH. Can this key-pair be used with PGP/GPG, or do I need to generate a new pair of keys separately for use in email encryption?

Are the two interchangeable, or is there a difference between the two?

IQAndreas

  • Even if they were, it's generally a bad idea to re-use the same key across multiple contexts. – Stephen Touset Aug 31 '14 at 03:51
  • Both PGP and SSH support RSA public/private key pairs, so presumably it is possible. – lzam Aug 31 '14 at 15:18
  • @StephenTouset would you elaborate why this is not a good idea in this case? – schatten Sep 18 '15 at 01:48
  • See also [this answer](http://security.stackexchange.com/questions/1806/why-should-one-not-use-the-same-asymmetric-key-for-encryption-as-they-do-for-sig) for why not to use the same key for signing and encryption. The reasoning about key management extends to SSH authentication too. – 0 _ Jul 31 '16 at 00:44

1 Answer

Yes, the same RSA key pair can be used for both (Open)SSL and OpenPGP/GnuPG.

The monkeysphere project contains a tool to convert RSA keys in PEM format to the one defined by OpenPGP, pem2openpgp. For converting the SSH key pair into the PEM format, there already is a comprehensive answer in Converting keys between openssl and openssh.

Jens Erat
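What the answer above relies on is that an RSA key is just the numbers (n, e, d, ...); OpenSSH and OpenPGP only wrap them differently. One consequence worth knowing before converting: the OpenPGP v4 fingerprint (RFC 4880 §12.2) is a hash over the key material *and* a creation timestamp, so converting the same SSH key twice at different times yields two different PGP fingerprints and key IDs, whereas the SSH fingerprint is a hash over the bare key blob and never changes. Fix the timestamp when you convert (pem2openpgp takes it from the PEM2OPENPGP_TIMESTAMP environment variable; check the man page of your version) if you need the result to be reproducible. The script below is an added example, not code from the original post or from the monkeysphere project: it builds an `id_rsa.pub`-style line from a constructed toy key (a 216-bit modulus made from two Mersenne primes, useless as a real key but exercising the encodings), parses it back, and computes both the OpenSSH SHA256 fingerprint and the OpenPGP fingerprint for two creation times. All function and variable names are this example's own.

```python
"""Same RSA key material, two framings: OpenSSH and OpenPGP.

Added example, not from the original post or from monkeysphere.  The key is a
constructed toy (n = M127 * M89, 216 bits); it is NOT a usable key and only
exercises the encodings.  Real keys are 2048+ bits, the code does not care."""
import base64
import hashlib
import struct

TOY_N = (2**127 - 1) * (2**89 - 1)   # constructed toy modulus, not secure
TOY_E = 65537


def _int_bytes(x):
    """Minimal big-endian encoding of a positive integer."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


# ---- OpenSSH wire format (RFC 4253 s6.6): string "ssh-rsa", mpint e, mpint n
def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def _ssh_mpint(x):
    b = _int_bytes(x)
    if b[0] & 0x80:  # mpint is two's complement: keep positive values positive
        b = b"\x00" + b
    return _ssh_string(b)


def ssh_rsa_public_line(n, e, comment="toy@example"):
    """Build the one-line 'ssh-rsa AAAA... comment' form found in id_rsa.pub."""
    blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(e) + _ssh_mpint(n)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)


def parse_ssh_rsa_public_line(line):
    """Return (n, e) from an 'ssh-rsa ...' line; reject other key types."""
    blob = base64.b64decode(line.split()[1])
    fields, off = [], 0
    while off < len(blob):
        (length,) = struct.unpack(">I", blob[off:off + 4])
        fields.append(blob[off + 4:off + 4 + length])
        off += 4 + length
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("not an ssh-rsa public key")
    return int.from_bytes(fields[2], "big"), int.from_bytes(fields[1], "big")


def ssh_fingerprint(line):
    """SHA256 fingerprint as printed by 'ssh-keygen -lf': hash of the raw blob."""
    blob = base64.b64decode(line.split()[1])
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return "SHA256:" + digest.rstrip("=")   # OpenSSH drops the '=' padding


# ---- OpenPGP v4 fingerprint (RFC 4880 s12.2) over an RSA public-key body (s5.5.2)
def _pgp_mpi(x):
    """OpenPGP MPI: 2-octet bit length followed by the minimal big-endian value."""
    return struct.pack(">H", x.bit_length()) + _int_bytes(x)


def openpgp_v4_fingerprint(n, e, created):
    """Fingerprint GnuPG shows for this RSA key with creation time `created` (unix)."""
    body = (b"\x04"                        # version 4
            + struct.pack(">I", created)   # creation time is part of the identity
            + b"\x01"                      # public-key algorithm 1 = RSA
            + _pgp_mpi(n) + _pgp_mpi(e))
    # Hash input is 0x99, a two-octet body length, then the body.
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def openpgp_long_keyid(fingerprint_hex):
    """The 64-bit key ID is the low-order 8 octets of the v4 fingerprint."""
    return fingerprint_hex[-16:]


def demo():
    line = ssh_rsa_public_line(TOY_N, TOY_E)
    n, e = parse_ssh_rsa_public_line(line)
    assert (n, e) == (TOY_N, TOY_E)           # framing round-trips the key material
    fp_fixed = openpgp_v4_fingerprint(n, e, 1409457600)  # pinned timestamp
    fp_later = openpgp_v4_fingerprint(n, e, 1409457601)  # one second later: new identity
    return {"ssh": ssh_fingerprint(line), "pgp_fixed": fp_fixed,
            "pgp_later": fp_later, "keyid_fixed": openpgp_long_keyid(fp_fixed)}


if __name__ == "__main__":
    for name, value in demo().items():
        print("%-12s %s" % (name, value))
```

After a real conversion, a cheap consistency check is to go back the other way: GnuPG 2.1+ can emit an authentication-capable key in OpenSSH format with `gpg --export-ssh-key KEYID`, and `ssh-keygen -lf` on that output should print the same SHA256 fingerprint as on the original `id_rsa.pub` (the PGP fingerprint, by contrast, will only match a previous conversion if the timestamp was pinned).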