AWS doesn’t allow to connect to the EC2 Linux Instance directly using.pem file. You need to convert the.pem key pair file to.ppk format so that it can be used with PuTTY. You need to generate a.ppk file using the free Puttygen tool from the.pem key pair file of respective Linux machine instance. For more information about creating an Amazon EC2 key pair, see Amazon EC2 Key Pairs in the Amazon EC2 User Guide for Linux Instances. For instructions about using PuTTYgen to create a.ppk file from a.pem file, see Converting Your Private Key Using PuTTYgen in the Amazon EC2 User Guide for Linux. I have a running amazon ec2 linux instance associated with a keypair (p1) and I have downloaded the private key to my home desktop. Now at work, I created a keypair (p2) on my work desktop and imported the public key to Amazon via the AWS console.

How do I convert my Amazon Elastic Compute Cloud (Amazon EC2) Privacy Enhanced Mail (.pem) file to a PuTTY Private Key (.ppk) file? Or, convert a .ppk file to a .pem file?

Short Description

May 12, 2017  Use PuTTY to access EC2 Linux Instances via SSH from Windows Posted on May 12, 2017 by braun0. Share on Facebook. (i.e mykeypair.pem) you will need to create a new EC2 instance and download a new one. A key pair consists of a public key that AWS stores and a private key file that you store (downloaded as PEM file). May 12, 2017 DOWNLOAD YOUR EC2 KEY PAIR FILE. If you have not already downloaded (or cannot locate) your key pair (i.e mykeypair.pem) you will need to create a new EC2 instance and download a new one. A key pair consists of a public key that AWS stores and a private key file that you store (downloaded as PEM file). You can generate an ssh private key (sometimes called a 'keypair') through Amazon EC2 on the AWS console or through the AWS command line tools (ec2-add-keypair). If you are using Putty, you may still need to convert to PPK format as your referenced article describes, but you are converting the ssh key.pem file, not the X.509 private key.

PuTTY doesn't natively support the private key format (.pem) generated by Amazon EC2. You must convert your private key into a .ppk file before you can connect to your instance using PuTTY. You can use the PuTTYgen tool for this conversion. This tool, available for both Windows and Unix operating system, can convert keys.

Resolution

Windows - install PuTTYgen

Most Windows operating systems have PuTTY installed. If your system doesn't, download and install PuTTYgen.

Windows - convert a .pem file to a .ppk file

Start PuTTYgen, and then convert the .pem file to a .ppk file. For detailed steps, see Convert Your Private Key Using PuTTYgen.

Windows - convert a .ppk file to a .pem file

1. Start PuTTYgen. For Actions, choose Load, and then navigate to your .ppk file.
   
2. Choose the .ppk file, and then choose Open.
   
3. (Optional) For Key passphrase, enter a passphrase. For Confirm passphrase, re-enter your passphrase.
   Note: Although a passphrase isn't required, you should specify one as a security measure to protect the private key from unauthorized use. Using a passphrase makes automation difficult, because human intervention is needed to log in to an instance or to copy files to an instance.
   
4. From the menu at the top of the PuTTY Key Generator, choose Conversions, Export OpenSSH Key.
   Note: If you didn't enter a passphrase, you receive a PuTTYgen warning. Choose Yes.
   
5. Name the file and add the .pem extension.
   
6. Choose Save.

Unix or Linux - install PuTTY

Install PuTTY, if it's not already on your system.

Important: A PuTTY package is provided by the Extra Packages for Enterprise Linux (EPEL) repository. You must enable the EPEL repository before you install PuTTY.

To install PuTTY, run one of the following commands:

RPM-based

Dpkg-based

Unix or Linux - convert a .pem file to a .ppk file

On the instance shell, run the puttygen command to convert your .pem file to a .ppk file:

Unix or Linux - convert a .ppk file to a .pem file

Run the puttygen command to convert a .ppk file into a .pem file:

Related Information

Anything we could improve?

Need more help?

Related Videos

PART 1: SSH INTO AN EC2 INSTANCE FROM WINDOWS USING PUTTY

Video Walkthrough:

https://www.youtube.com/watch?v=bi7ow5NGC-U

Generate Key Pair Linux From Pem For Aws Mac

DOWNLOAD & Install PuTTY

If you don’t have the PuTTY software installed on your system, you will need to download it from www.putty.org. Be sure to select the entire package as shown below, as it will include all the needed utilities such as puttygen and pageant.

DOWNLOAD YOUR EC2 KEY PAIR FILE

If you have not already downloaded (or cannot locate) your key pair (i.e my_key_pair.pem) you will need to create a new EC2 instance and download a new one. A key pair consists of a public key that AWS stores and a private key file that you store (downloaded as PEM file). PEM stands for Privacy Enhanced Mail and is a widely used X.509 encoding format used for security certificates. Together, the two keys enable you to securely connect to your EC2 instance using SSH.

CONVERT YOUR PEM FILE TO PPK FORMAT

PuTTY does not natively support the PEM format that AWS uses, so you need to first convert your PEM file to a PPK file (PPK = PuTTY Private Key). To do this, you use the PuTTYgen utility. To start the utility you can type puttygen in the Windows start dialog box:

On the PuTTYgen dialog box, click the Load Button and then select the .pem file that you downloaded from AWS. Note: when browsing for your pem file be sure to select All Files in the dropdown list that is located to the right of the File name field. PuTTYgen will then load and convert your file.

As the message indicates, you then need to click on “Save private key”. You will receive a warning message asking if you want to save this key without a passphrase. Be sure to select Yes.

Provide a name for your ppk file and click save.

LAUNCH PuTTY

Now that you have converted the pem file to a ppk file, you are ready to use the PuTTY utility. In the Windows start dialog box, type in putty to start the utility.

ENTER HOST NAME

Enter your Host Name into the appropriate field. This will be in the format of: user_name@public_dns_name. Be sure to specify the appropriate user name for your AMI type. For example:

•For an Amazon Linux AMI, the user name is ec2-user.

•For a RHEL AMI, the user name is ec2-user or root.

•For an Ubuntu AMI, the user name is ubuntu or root.

•For a Centos AMI, the user name is centos.

•For a Fedora AMI, the user name is ec2-user.

•For SUSE, the user name is ec2-user or root.

•Otherwise, if ec2-user and root don’t work, check with the AMI provider.

Here is an example for connecting to an Amazon Linux AMI:

SELECT YOUR PPK FILE

/battlefield-4-cd-key-generator-free.html. Next, click on the + button next to the SSH field to expand this section. Then click on Auth (which stands for authenticate) and enter the name of your private key file (i.e. the ppk file) where it says Private key file for authentication (if you click on browse you can easily search for the directory where you have stored it).

OPEN YOUR TERMINAL SESSION

Lastly, click on Open to start your SSH session.

Note: if this is the first time that you are logging into the instance, you will receive the following alert.

Click on Yes to continue.

If you did everything correctly, you will see a new window appear displaying your command line SSH session (troubleshooting hint: if the window appears but fails to connect, a common issue is that you likely have not created a rule to enable SSH inbound traffic on Port 22 in the Security Group that is attached to this instance….so double check that first).

Part 2: Connecting to a Linux Instance that is Running in a Private Subnet

USE PuTTYGEN TO CREATE A PRIVATE PPK FILE

Generate Key Pair Linux From Pem For Aws Login

You will first need to use PuTTYGen to convert your PEM file into a private PPK file that has a password. So, in PuTTYGen, choose Conversions > Import Key and select your PEM-formatted private key. Enter a passphrase and then click Save private key, as shown in the following screenshot. Save the key as a .ppk file

OPEN THE PAGEANT UTILITY THAT IS PART OF THE PuTTY PACKAGE

Pageant is an SSH authentication agent and allows you to hold your private key in memory, so that it can in turn be forwarded by PuTTY. To start the utility you can type pageant in the Windows start dialog box:

Generate Key Pair Linux From Pem For Aws Account

ADD YOUR PPK KEY FILE INTO PAGEANT

Find the Pageant icon in your Windows task bar (generally found at the bottom of your screen…look for computer terminal with a black hat on top of it). Double click on this icon then select Add Key and in the pop up dialog window navigate to the folder that contains your PPK file and select it, followed by clicking on Open. When you select the PPK file, you’re prompted to enter the passphrase you chose when you converted the key. You can then close the Pageant Key List window after your key has been added:

OPEN UP THE MAIN PuTTY UTILITY

On the main screen (Session) enter the Host Name information for your instance as was described earlier in this guide (i.e. user_name@public_dns_name). Then click on SSH and select the Auth tab. Click on Allow agent forwarding and leave the Private key file for authentication empty as shown here:

Then click on Open and it should connect you to your publically accessible EC2 instance (in this scenario, this instance would be referred to as the Bastion host or a jump box).

CONNECTING TO THE PRIVATE INSTANCE

Generate Key Pair Linux From Pem For Aws Free