How do I convert a .pem file to .ppk, or from .ppk to .pem, on Windows and Linux?

3 minute read

I want to convert my Amazon Elastic Compute Cloud (Amazon EC2) Privacy Enhanced Mail (.pem) file to a PuTTY Private Key (.ppk) file. Or, I want to convert a .ppk file to a .pem file.

Short description

PuTTY doesn't natively support the private key format (.pem) generated by Amazon EC2. You must convert your private key into a .ppk file before you can connect to your instance using PuTTY. Use the PuTTYgen tool for this conversion.

Resolution

Windows - install PuTTYgen

Most Windows operating systems have PuTTY installed. If your system doesn't, then download and install PuTTYgen from the SSH website.

Windows - convert a .pem file to a .ppk file

Start PuTTYgen, and then convert the .pem file to a .ppk file. For detailed steps, see Convert your private key using PuTTYgen.

Windows - convert a .ppk file to a .pem file

1. Start PuTTYgen. For Actions, choose Load, and then navigate to your .ppk file.

2. Choose the .ppk file, and then choose Open.

3. (Optional) For Key passphrase, enter a passphrase. For Confirm passphrase, re-enter your passphrase.

Note: Although a passphrase isn't required, it's a best practice to specify one. This is a security measure to protect the private key from unauthorized use. A passphrase makes automation difficult, because users must manually log in to an instance or copy files to an instance.

4. From the menu at the top of the PuTTY Key Generator, choose Conversions, Export OpenSSH Key.

Note: If you didn't enter a passphrase, then you receive a PuTTYgen warning. Choose Yes.

5. Name the file and add the .pem extension.

6. Choose Save.

Unix or Linux - install PuTTY

Install PuTTY, if it's not already on your system.

Important: The Extra Packages for Enterprise Linux (EPEL) repository contains the PuTTY package. You must activate the EPEL repository before you install PuTTY.

To install PuTTY, run one of the following commands:

RPM-based

$ sudo yum install putty

Dpkg-based

$sudo apt-get install putty-tools

Unix or Linux - convert a .pem file to a .ppk file

On the instance shell, run the puttygen command to convert your .pem file to a .ppk file:

$ sudo puttygen pemKey.pem -o ppkKey.ppk -O private

Unix or Linux - convert a .ppk file to a .pem file

Run the puttygen command to convert a .ppk file into a .pem file:

$ sudo puttygen ppkkey.ppk -O private-openssh -o pemkey.pem

Related information

Amazon EC2 key pairs and Linux instances

Topics

Compute

Relevant content

Brand new Ubuntu instance/keys won't accept SSH keys
8bitpixel
asked a month ago
Need access to Amplify automatic Route56 domain TLS .pem and key
oggie
asked 2 months ago
ACM import certificate error - The certificate chain provided is not in a valid PEM format.
rePost-User-7437082
asked 6 months ago
Why should i change the permissions on the ssh pem file?
Accepted Answer
Viridios
asked 5 months ago
Replace the pem file for an EC2 instance running Windows
jamielaird
asked 2 years ago
How can I use a single SSH key pair for all my AWS Regions?
AWS OFFICIALUpdated 2 years ago
Why am I receiving "imported-openssh-key" or "Putty Fatal Error" errors when connecting to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance?
AWS OFFICIALUpdated 4 months ago
How can I connect to my Lightsail instance using PuTTY or Filezilla if I lost the SSH keypair?
AWS OFFICIALUpdated 2 years ago
Why can't I import a third-party public SSL/TLS certificate into AWS Certificate Manager (ACM)?
AWS OFFICIALUpdated a year ago
How to Rotate your External IdP Certificates in AWS IAM Identity Center (successor to AWS Single Sign-On) with Zero Downtime
EXPERT
Matt-B
published 2 months ago