Is there a way to convert PEM files to PPK files? (you may guess that Amazon EC2 gives me a PEM file, and I need to use the PPK format for SSH connectivity).
Use PuTTYGen
Creating and Using SSH Keys
Overview
vCloud Express now has the ability to create SSH Keys for Linux servers. This function will allow the user to create multiple custom keys by selecting the "My Account/Key Management" option. Once the key has been created the user will be required to select the desired SSH Key during the “Create Server” process for Linux.
Create and Use SSH Keys
Create keys
Navigate to “My Account”
Select “Key Management”
Create New Key.
During the key creation process you will be prompted to download your private key file in .PEM format. You will not be able to download the private key again as it is not stored in vCloud Express.
The “Default” checkbox is used for the API.
Deploy server and select key
Connect
SSH (Mac/Linux)
Copy .PEM file to the machine from which you are going to connect.
Make sure permissions on .PEM file are appropriate (chmod 600 file.pem)
Connect with ssh command: ssh vcloud#ipaddress –i privkey.pem
Putty (Windows)
Download Putty and puttygen from - here
Use puttygen to convert .PEM file to .PPK file.
Start puttygen and select “Load”
Select your .PEM file.
Putty will convert the .PEM format to .PPK format.
Select “Save Private Key” A passphrase is not required but can be used if additional security is required.
Connect with Putty.
Launch Putty and enter the host IP address. If connecting to the 10.X private address you must first establish an SSL VPN connection.
Navigate to Connection/SSH/Auth
Click “Browse” and select the .PPK file you exported from puttygen.
Click “Open.” When connection comes up enter username (default is vcloud).
Instructions copied from here
I'm rather shocked that this has not been answered since the solution is very simple.
As mentioned in previous posts, you would not want to convert it using C#, but just once. This is easy to do with PuTTYGen.
Download your .pem from AWS
Open PuTTYgen
Click "Load" on the right side about 3/4 down
Set the file type to *.*
Browse to, and Open your .pem file
PuTTY will auto-detect everything it needs, and you just need to click "Save private key" and you can save your ppk key for use with PuTTY
Enjoy!
If you have Linux machine just install puttygen in your system and use use below command to convert the key
pem to ppk use below command:
puttygen keyname -o keyname.ppk
Below command is use to convert ppk to pem not pem to ppk
puttygen filename.ppk -O private-openssh -o filename.pem
Download puttygen
Then open puttygen
click load
Set the file type to . all files
Save PrivateKey
and then u can just save any name that file became an ppk file
To SSH connectivity to AWS EC2 instance, You don't need to convert the .PEM file to PPK file even on windows machine, Simple SSH using 'git bash' tool. No need to download and convert these softwares - Hope this will save your time of downloading and converting keys and get you more time on EC2 things.
Convert .pem file to .ppk for Windows 10
You need to do following:
1. Download PuTTYGen with Pageant.
2. Press "load" button and select your ".pem" file.
3. Press "save private key" button and save your ".ppk" file.
4. Open Pageant and press "add key" button. Just all. Keep running Pageant in background.
5. Now login through SSH or SFTP without selecting password field.
Save YourPEMFILE.pem to your .ssh directory
Run puttygen from Command Prompt
a. Click “Load” button to “Load an existing private key file”
b. Change the file filter to “All Files (.)
c. Select the YourPEMFILE.pem
d. Click Open
e. Puttygen shows a notice saying that it Successfully imported foreign key. Click OK.
f. Click “Save private key” button
g. When asked if you are sure that you want to save without a passphrase entered, answer “Yes”.
h. Enter the file name YourPEMFILE.ppk
i. Click “Save”
PuTTYgen for Ubuntu/Linux and PEM to PPK
sudo apt install putty-tools
puttygen -t rsa -b 2048 -C "user#host" -o keyfile.ppk
I used a trial version of ZOC Terminal Emulator and it worked. It readily accepts the Amazon's *.pem files.
The trick is though, that you need to specify "ec2-user" instead of "root" for the username - despite the example shown in the EC2 console, which is wrong! ;-)
sudo yum install putty
sudo apt-get install putty-tools
To convert your .pem file to a .ppk file
sudo puttygen pemKey.pem -o ppkKey.ppk -O private
To convert a .ppk file to a .pem file
sudo puttygen ppkkey.ppk -O private-openssh -o pemkey.pem
I had the same issue with PuttyGen not wanting to import an openSSH private key. I tried everything and what I found out was the old version of PuttyGen did not support importing OpenSSH. Once I downloaded the latest Putty, puttygen then allowed it to import the openssh private key just fine. I now have a hole in the side of my desk for pounding my head against it for the past hour.
Related
I am on a MAC and open terminal, I know how to log into ssh with the command ssh root#domain.com
However this web server sent me a .pem key to use as the password.
Normally I just enter the password and get in.
I have no idea and can't find any help online that makes sense to me as I don't normally do this sort of thing.
I need to get in there to zip a folder and download it.
Please help?
Thanks
-O
SSH -i /loc/xyz.pem username#ipaddress
Enter password for the pem file on getting prompted.
For downloading a file, it's as simple as doing(from local system)
SCP -i /loc/xyz.pem username#ipaddress:/serverloc/file.zip /localaddress/
I want to change my remote server SSH. Currently I login through a .pem file
ssh -l ubuntu -i .ssh/myfile.pem XX.XX.XXX.XXX
I tried to find how to change that access key but I found only that methor :
ssh-keygen -t rsa -b 2048
cp id_rsa.pub authorised_keys
scp authorized_keys ubuntu#XX.XX.XXX.XXX:/home/ubuntu/.ssh
I see no .pem file generated, plus how can I connect now ?
I want to make sure before I do anything so I don't lose ability to connect via SSH.
Should I remove the old key with :
ssh-keygen -R hostname
If yes, when ? after or before the scp ? if after this will remove both keys, if before then I wouldn't be able to perform scp !!!
I am a bot confused.
I see no .pem file in my remote, the pem file is only in my local .ssh folder. in remote .ssh I see :
With "ssh-keygen" command you generate a pair of public and private keys (by default stored in $HOME/.ssh).
Then you copy the public key in your remote server, and the private key in your local client (with permissions 0600). You can use "ssh-add" command to add the private key to the authentication agent to be able to connect to the remote server.
I have a Windows Vista with a secure connection to my Centos server, using SSH pair keys. I would like to use the same .PPK on iMac. I have used PuttyGen to create .PEM extension but it is not working.
I also created a new pair keys on iMac and appended the .PUB to the know_host file on Centos server. But this one is not working either.
Can anyone please walk me through trouble shooting? Thanks!
SSH doesn't use .PEM or .PPK files. For SSH keypairs you should have two files, a private key (id_rsa) and a public key (id_rsa.pub).
The id_rsa file is the one on your Mac (or Windows Vista PC) and the id_rsa.pub file's contents should be copied to the file authorized_keys, NOT known_hosts on your CentOS server.
The location of the authorized_keys file on the CentOS server will be in:
~/.ssh
Another option would be to generate a new SSH keypair on the Mac. You can find instructions on how to do this here:
https://www.digitalocean.com/community/tutorials/how-to-connect-to-your-droplet-with-ssh
i have my access key, secret key, and the downloaded cert pem file.
i understand SSH requires a private key file in order to establish a terminal SSH connection to my instance.
what i did find through Google is that i need to use puttygen to convert my cert pem file into a private key file:
http://www.techrepublic.com/blog/datacenter/connect-to-amazon-ec2-with-a-private-key-using-putty-and-pageant/5085
however, all the instructions i found are based on a GUI puttygetn and i only have the CL version because i am running Linux Fedora 16 on my laptop. i did yum PuTTy, which came with a GUI but puttygen only has a CL version. what i tried to do in puttygen is as follows:
>puttygen cert-***.pem -o default.pem
puttygen: error loading `cert-***.pem': file does not begin with OpenSSH key header
can anybody point what i am doing wrong and how i can use CL puttygen to convert my cert file to a private key file that is usable by SSH to connect to my instances?
thanks in advance
If you are running Linux at the command line, why are you needing to make a ppk with puttygen? Basically the keypair you get from AWS IS in pem format suitable for using in ssh command line.
So if you saved your .pem file from Amazon as /path/to/aws.pem, all you need to do is
ssh -i /path/to/aws.pem user#hostname.com
The ssh private key is completely different from the X.509 certificate and private key. It's a little confusing because folks often save the ssh private key generated by EC2 in a ".pem" file just like the cert and pk use.
You can't convert or use the X.509 certificate or private key for ssh as you tried to do.
You can generate an ssh private key (sometimes called a "keypair") through Amazon EC2 on the AWS console or through the AWS command line tools (ec2-add-keypair). If you are using Putty, you may still need to convert to PPK format as your referenced article describes, but you are converting the ssh key .pem file, not the X.509 private key or certificate.
If you know how to generate your own ssh key locally (or have already done so) then I recommend doing this and uploading the ssh public key to EC2.
When you run an EC2 instance, you then specify the ssh keypair name so that EC2 makes the ssh public key available to the instance, letting you securely ssh in to your new server.
I generated a keys with putty w/ no passphrase. putty works fine, but now i installed cygwin and would like to use ssh to login. For some reason i'm prompted for a passphrase? why? putty just logs straight in? i don't want to have to generate a new key and annoy the network admins. here is what it looks like in cygwin:
$ ssh -i Documents\ and\ Settings/xxxxx/My\ Documents/xxxxx\ putty\ keys/private\ key.ppk dev.xxxxxx.com
Enter passphrase for key 'Documents and Settings/xxxxx/My Documents/xxxxx putty keys/private key.ppk':
Permission denied (publickey).
Putty uses its own .ppk format for keyfiles, and Cygwin's ssh probably can't read them correctly.
Solution: convert the .ppk file to OpenSSH key format with puttygen.exe.
You need to get "puttygen.exe" from the putty webpage http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html to convert your key to the OpenSSH format. Then it should just work.
If you can login with putty, there is no need to "annoy the network admins". Just generate a new key with cygwin, then login with putty and place your new public key in your .ssh/authorized_keys file. You should now be able to login with cygwin's ssh.
EDIT:
By the way, a sure way to "piss off" any admin is to use unencrypted keys.
You can export PuTTY keys to OpenSSH format and append them to your .ppk file, so that it becomes a valid key for ssh-add.
Just export the private key with PuTTYGen then add it to the .ppk file, then you should be able to ssh-add it. But note that when you edit the .ppk itself with PuTTYGen, it will ovewrite the file.
You can also use a script like this for adding a .ppk file into your SSH agent:
file=~/`basename $0`.tmp
trap "rm -v $file" EXIT
echo -n "Password: "
read -s pwd
echo $pwd | puttygen -P -q -O private-openssh $1 -o $file
ssh-add $file
Source: http://bazaar.launchpad.net/~renatosilva/+junk/scripts/view/head:/ppk-add.sh