How do I convert a .pem file to .ppk, or from .ppk to .pem, on Windows and Linux?

3 minute read

I want to convert my Amazon Elastic Compute Cloud (Amazon EC2) Privacy Enhanced Mail (.pem) file to a PuTTY Private Key (.ppk) file. Or, I want to convert a .ppk file to a .pem file.

Short description

PuTTY doesn't natively support the private key format (.pem) generated by Amazon EC2. You must convert your private key into a .ppk file before you can connect to your instance using PuTTY. Use the PuTTYgen tool for this conversion.


Windows - install PuTTYgen

Most Windows operating systems have PuTTY installed. If your system doesn't, then download and install PuTTYgen from the SSH website.

Windows - convert a .pem file to a .ppk file

Start PuTTYgen, and then convert the .pem file to a .ppk file. For detailed steps, see Convert your private key using PuTTYgen.

Windows - convert a .ppk file to a .pem file

1.    Start PuTTYgen. For Actions, choose Load, and then navigate to your .ppk file.

2.    Choose the .ppk file, and then choose Open.

3.    (Optional) For Key passphrase, enter a passphrase. For Confirm passphrase, re-enter your passphrase.

Note: Although a passphrase isn't required, it's a best practice to specify one. This is a security measure to protect the private key from unauthorized use. A passphrase makes automation difficult, because users must manually log in to an instance or copy files to an instance.

4.    From the menu at the top of the PuTTY Key Generator, choose Conversions, Export OpenSSH Key.

Note: If you didn't enter a passphrase, then you receive a PuTTYgen warning. Choose Yes.

5.    Name the file and add the .pem extension.

6.    Choose Save.

Unix or Linux - install PuTTY

Install PuTTY, if it's not already on your system.

Important: The Extra Packages for Enterprise Linux (EPEL) repository contains the PuTTY package. You must activate the EPEL repository before you install PuTTY.

To install PuTTY, run one of the following commands:


$ sudo yum install putty


$sudo apt-get install putty-tools

Unix or Linux - convert a .pem file to a .ppk file

On the instance shell, run the puttygen command to convert your .pem file to a .ppk file:

$ sudo puttygen pemKey.pem -o ppkKey.ppk -O private

Unix or Linux - convert a .ppk file to a .pem file

Run the puttygen command to convert a .ppk file into a .pem file:

$ sudo puttygen ppkkey.ppk -O private-openssh -o pemkey.pem

Related information

Amazon EC2 key pairs and Linux instances

AWS OFFICIALUpdated 3 years ago