PuTTYgen, part of the open source network networking client PuTTY, is a crucial generating tool to create public and private SSH keys for servers. The native file format of PuTTY is .ppk files. Additionally, the tool is used for SSH connectivity. So users can use PuTTY to connect and securely transfer data from localhost to remote system.
A.pem file is a container format that may just include the public certificate or the entire certificate chain (private key, public key, root certificates): Private Key; Server Certificate (crt, puplic key) (optional) Intermediate CA and/or bundles if signed by a 3rd party; How to create a self-signed PEM file.
But to use PuTTY, the private keys must be in the native format of the application. So for example, as Amazon Elastic Compute Cloud (EC2), a core part of the cloud-computing platform, generates Privacy-Enhanced Mail (PEM) file format, a user must first convert the file to .ppk file format before connecting to Linux Instance (virtual server on Amazon Web Services) from a Windows machine.
The EC2 allows users to lease virtual systems so that they can run their applications on it.
However if one plans to use PuTTY’s SSH client to connect, then they are first required to convert the .pem file to .ppk using PuTTYgen and then use PuTTY application to join local and remote hosts.
Privacy-Enhanced Mail (PEM) file extension is a format that is mainly used to transmit data, certificates, email and cryptographic keys privately. The PEM file format is a tamperproof and secure way of storing and transferring data.
As a ‘.pem file’ can store multiple types of data; it represents data with appropriate suffix. While the most common is .pem suffix, others include .key for private keys and .cer or .crt for certificates. The PEM file format encodes it with the binary-to-text encoding scheme – base64 so that it represents binary data in ASCII string.
Even though the technological advancements have led to a more secure alternative to PEM container, it is still leveraged to store public and private certificates, root certificates and many others.
Unlike most file formats that are easy to convert via online conversion tools, a user requires a specific application to convert files that have .pem extensions. PuTTYgen is one such application that quickly converts f .pem files to .ppk.
The primary requisite is to download and install PuTTY application. As part of the networking client, PuTTYgen does not have to be downloaded separately. Users must download the latest version of the app and install the entire suite. Once installed, PuTTYgen will be ready to convert .pem files to .ppk format. We will provide detail steps to convert files on both operating systems – Windows and Unix.
Note – Passphrases provide extra protection, but it sometimes gets annoying as each time a user copies files they have to enter the passphrase. Although, it entirely depends on the user if they wish or don’t wish to add the extra layer of protection
Once the file is converted to PuTTY compatible format, users can connect their local machine with remote servers.
To convert the file on Unix is far simpler than Windows. Users are first required to install PuTTY application on their Unix machines. Once done, all a user must do is enter a one-line command. First, run the PuTTYgen command and type the below-written command:
$ sudo puttygen pemKey.pem -o ppkKey.ppk -O private
Voila! The .pem files will quickly be converted to PuTTY native file format. Users can connect via PuTTY to remote servers from local systems using the newly created .ppk files on both Windows and Unix.
Once the .pem file is converted .ppk then users can connect to remote hosts using PuTTY’s SSH client. Below are steps to launch a PuTTY session.
Note: If the remote and local hosts connect for the first time using PuTTY then the application will pop up a dialog box confirming the authenticity of the connection. It just provides an added layer of security, so click ‘Yes’ when it appears.
Interestingly, one can also use PuTTY applications another component the PuTTY Secure Copy client (PSCP) to transfer files to remote servers. The PSCP is a Secure copy protocol (SCP) client that enables secure transfer of files from localhost to remote hosts.
If users are not comfortable using the command-line tool they can choose another Graphic user interface-based SCP client. One of the notable is WinSCP – an open-source multi-protocol supportive application for Microsoft Windows.
Back to PSCP, users are required to use the private key they generated while converting the .pem file to the .ppk file.
Converting a .pem file to a .ppk using PuTTYgen may now seem simple. The above information also briefs users on using PuTTY’s SSH client to connect virtual servers with local machines.