AWS/Azure/OpenShift Linux Windows

How to convert a PEM Key to a PPK Key on a Linux VM in AWS or on Windows 10 and 11 in Azure Platform


A public/private key pair is required to connect to a running Linux instance using an SSH client. An SSH client is not included with Windows. PuTTY is a popular SSH client that is available for free download and use. PuTTY, on the other hand, does not support the PEM (Privacy Enhanced Mail) key format. Because the key obtained from AWS EC2 Instance or Microsoft Azure Virtual Machine is in PEM format, it must be converted to PPK (PuTTY Private Key). PuTTYgen, fortunately, helps in converting PEM key files to PPK format. You can also learn how to enable Telnet via the command line and GUI in Windows 10 and Windows Server and how to access EC2 Linux Instance via the Password

PuTTYgen is also available for free download and use. If you’re looking for ways to generate an SSH key in Windows 10, refer to a post on how to Generate SSH Key in Windows 10. If you will like to learn how to view Putty logs, review this post on how to view Putty logs.

This is only necessary for Windows users. If you are using Mac or Linux, you can use the PEM file you downloaded directly. If you are using a Mac or Linux, continue to the next lab step.

Converting PEM to PPK Key

1: To carry out the exercise, if you do not already have PuTTYgen, download the PuTTYgen executable from the following link: PuTTYgen.
2. Locate the downloaded PuTTYgen in the download folder of your computer and double click to start it. (no installation is required)

Starting PUTTYgen

3. Click Load and navigate to the location of the private key file to be converted (for example privatekey.pem) which was downloaded from the AWS EC2 Instance Console or Azure Portal. Here my PEM Key file was downloaded to the download location of my local PC.

 Note: PuTTYgen displays only files with the .ppk extension by default. In order to see your PEM file, change the drop-down next to File name to All Files.
Choose All Files

4.  Select your .pem key file and click Open.

Selecting the PEM Key

PuTTYgen displays the following message:

Warning Message Displays

5. Click OK. PuTTYgen displays a dialog that contains information about the key you loaded, such as the public key and fingerprint.

Save the Key

6. To save the key in PuTTY format, click Save private key. Do not choose a password as extra security is not required. When asked if you’re sure you want to save without a passphrase, click Yes.

After clicking on save, the format will automatically give you the PUTTY Private Key Files.

PUTTY Private Key Files
Disclaimer: Make sure to keep your private key somewhere safe.

You can now connect to the running Linux instance created previously on AWS or Azure using PuTTY.

Connecting to Linux VM Instance

An SSH client is required to manage a remote Linux server. SSH is a cryptographic network protocol used to secure data communication. It creates a secure channel across an insecure network. Remote command-line login and remote command execution are two common applications.

SSH clients that accept standard PEM keys are included with Linux distributions and macOS. An SSH client is not included with Windows. As a result, instructions for users running Linux/macOS and Windows on their local host are included in this Lab Step. Depending on your local operating system, only one of them is required.

To connect to the instance, the PuTTY SSH client will use the key pair format that the private key requires. The public key is already present on the running Linux instance. Windows has no SSH client, so you must install one. This part of the will use PuTTY which was previously converted from PEM key PPK using PuTTYgen in the steps above.

To connect using PUTTY, Open PuTTY and insert the EC2 instance public IP Address in the Host Name field:

Enter your EC2 Instance Public IP Address
Note: The Public IP can be found by navigating to the AWS EC2 console and selecting an available EC2 instance. For Azure VM, you can find the Public IP in the overview page of the VM

Browse to Connection > SSH > Auth in the left pane and then select the downloaded private key in PPK format:

Browse to SSH

While still selecting Auth, click Browse on right side to locate the PPK key.

Locating the PPK Key

Select the PPK key and click on Open. When prompted, click on Accept

Connection Prompt

The login terminal interface displays. Enter the username for your EC2 or Azure VM. Here my EC2 username is ec2-user.

Entering the VM Username

Finally, the login screen where you can interact with your Linux server in the cloud shows up.


I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x