In this article we will cover how to convert Amazon EC2 .pem(Privacy Enhanced File) file into .ppk(Putty Private Key) file.
Before we move further we should know some fundamentals on amazon pem format and what is the need to convert into ppk file which can be used only by PuTTY.
If you are already familiar with these 2 file formats and looking for how to convert pem file into PuTTY compatible ppk file format, please skip the introduction and continue reading from Connecting to Your Linux Instance Using PuTTY.
Amazon EC2 Key Pairs
When you launch an EC2 instance, you should specify the name of the key pair you plan to use while connecting to the instance.
Amazon EC2 uses public–key cryptography to encrypt and decrypt login information. Public–key cryptography uses a public key to encrypt a piece of data, such as a password, then the recipient uses the private key to decrypt the data. The public and private keys are known as a key pair.
To log in to your instance, you must provide the private key. On a Linux instance, the public key content is placed in an entry within ~/.ssh/authorized_keys. This is done to securely access your instance using the private key instead of a password. Amazon EC2 stores the public key only, and you store the private key.
When you generate the key pair, The private key file is automatically
downloaded to your browser. The base file name is the name you specified as the
name of your key pair, and the file name extension is .pem
that means amazon returns the private key in PEM file format.
What is PEM File Format ?
PEM or Privacy Enhanced Mail is a Base64 encoded DER certificate. PEM is a X.509 certificate, encoded using the DER (distinguished encoding rules), then run through Base64 encoding and placed between plain-text anchor lines (BEGIN CERTIFICATE and END CERTIFICATE) PEM certificates are frequently used for web servers as they can easily be translated into readable data using a simple text editor.
What is PPK File Format ?
Files created by PuTTYgen are known as PPK files. PPK files are PuTTY Private Key Files developed by Putty and they serve as storage for the private keys the program generated. These files are used to enable communication securely with another party having the corresponding public key
About PuTTY
PuTTY is a free implementation of SSH and Telnet for Windows, Unix and Linux platforms. PuTTY is a very versatile tool for remote access to another computer. It’s probably used more often by people who want secure remote shell access to a UNIX or Linux system than for any other purpose.
Connecting to Your Linux Instance Using PuTTY
PuTTY can be used to securely connect to the Linux instance running in AWS through SSH.
PuTTY does not natively support the private key format (.pem) generated by Amazon Elastic Compute Cloud (Amazon EC2). You must convert your private key into a .ppk file before you can connect to your instance using PuTTY. PuTTY has a tool named PuTTYgen, which can be used by both Windows and Unix operating system users to convert keys. We can also use any other SSH client to connect to the Linux instances running in AWS.
We can also use any other SSH client to connect to the Linux instances running in AWS.
Install PuTTY on Windows
If you don’t have the PuTTY software installed on your system, you will need to download it from putty site. Be sure to select the entire package as shown below, as it will include all the needed utilities such as puttygen and pageant.
Execute the downloaded installer and it will ask you to install other tools like PuTTYgen, select to install all other tools listed during the installation.
The PuTTY application is now ready to use. Before We can use it to connect to any EC2 instance, We must convert the private key to a PuTTY-acceptable file format and load the key into the SSH authentication agent by choosing following path Connection → SSH → Auth which can be found on the PuTTY Configuration menu.
Convert PEM Format To PPK Format in Windows
PuTTY does not natively support the PEM format that AWS uses, so we need to first convert PEM file to a PPK file. To do this, use the PuTTYgen utility. To start the utility, type puttygen in the Windows start dialog box
On the PuTTYgen dialog box, click the Load Button and then select the .pem file that you downloaded from AWS. PuTTYgen does not list out pem files by default, so select All Files in the dropdown list that is located to the right of the File name field.
After you select the pem file, it will be successfully imported into ppk format and now you can save the private key.
As the message indicates, you then need to click on “Save private key”. You will receive a warning message asking if you want to save this key without a passphrase. Be sure to select Yes and provide the file name to save the converted private key.
Install PuTTY on Unix or Linux
Install PuTTY, if it’s not already on your system, by running one of these commands:
RPM-based:
$ sudo yum install putty
pkg-based:
$sudo apt-get install putty-tools
Convert PEM Format To PPK Format in Unix or Linux
On the instance shell, run the puttygen command to convert your .pem file to a .ppk file
$ sudo puttygen pemKey.pem -o ppkKey.ppk -O private
Conclusion
We have seen how to import the Amazon generated .PEM format into .PPK format. Now you can connect to the EC2 Linux instance using PuTTY by providing the right public DNS name and configuring this .PPK file as private key.