Member-only story
Its quite often that we need to ssh into a remote instance using tools like PuTTY, WinSCP etc.. These tools do not accept the PEM format for ssh keys but instead it uses the PPK format. One of the most common examples is accessing an AWS EC2 instance that normally provides a PEM format key, but you want to use PuTTY tool to connect to the instance and it only allows ppk formatted keys. This article aims to explain the difference between the two formats and how it can be easily transformed to the other format.
PEM format:
PEM (Privacy Enhanced Mail) is a Base64 encoded DER certificate. The header and footer normally identifies the type of file , but it is not necessary to always specify the header and footer.
CSR in PEM format =>
-----BEGIN CERTIFICATE REQUEST -----
...
...
-----END CERTIFICATE REQUEST -----Private key in PEM format =>
-----BEGIN RSA PRIVATE KEY -----
...
...
-----END RSA PRIVATE KEY -----Certificate file in PEM format =>
-----BEGIN CERTIFICATE -----
...
...
-----END CERTIFICATE -----
For ssh or secure connectivity like scp, sftp etc the content of the PEM contains the private key. For example
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEA7KJNfdzB48VhwaRkswfpZOP6OC0nEhc4eRxhuD0tVeUOiIaC
ojukf7t1MQxJJXdlWpV3e8NOyOFxlzC8N9Ij1/OCaxTboRDdKC6g1ZFFFhdWeRBr
..
..
XoSojpZUIYLcdEK3WYGkQAjfpT3QH2a4lsNnAFBbwaV0royAfRva97iKlg96MALl…
