64

I am confused between various keys used in encryption.

Amazon gave me key.pem

In linux i generate keys like id_rsa and id_rsa.pub

Now putty used key like key.ppk

I am really confused what type of key is used where

user22
  • 1,019
  • 2
  • 12
  • 14
  • 2
    I tried reading from internet but could not get it. when eclispe ask me to load keys what do i need to load , pem or ppk or pub – user22 Jul 16 '13 at 07:33
  • It would be nice if this overall question included how to convert between the various formats, since this information is scattered around. My server (using cPanel) gives me a certificate and a private key (not in files), so I'd like to know how to create all the other formats from those two. – David Spector Feb 01 '21 at 16:49

1 Answers1

50

key.pem can contain anything - a certificate with a public key, an SSH public key, public key + private key, certificate with a public key + private key. PEM is a text file so you can open it in notepad and check its contents.

id_rsa is an SSH private key in OpenSSH format. id_rsa.pub is an SSH public key in OpenSSH format.

.ppk file is Putty's private key (if memory serves).

To authenticate on remote server you give its admins your public key and use the private key in your SSH client. Alternatively (if admins give you the key pair), you use the private key from that keypair.

Eugene Mayevski 'Callback
  • 43,492
  • 7
  • 62
  • 119
  • 1
    ok, admin gave me pem files , how can i extract private key from there – user22 Jul 17 '13 at 03:45
  • @user22 IF PEM file contains the private key, then you don't need to extract it from there - just use the key file. Check with Eclipse if it supports loading keys from PEM. IF it doesn't, then you need to convert PEM to the format understood by Eclipse. And this would be a completely different question, probably asked and answered many times here on SO. – Eugene Mayevski 'Callback Jul 17 '13 at 10:16
  • "Alternatively (if admins give you the key pair), you use the private key from that keypair." I couldn't follow this statement. If I want to ssh into a server, are you saying that I can do it if I have the server's private key?? How? – Vishal Sharma Jan 07 '19 at 12:31
  • 1
    @VishalSharma In some organizations, for various reasons and by different technical means, the creation of authentication keys is centralized. So the admin or other authorized person gives you the keypair (e.g. on the smartcard) which becomes your personal identification entity. This is not a server key, but your key[pair]. You use it in the same way as if you generated this keypair yourself. – Eugene Mayevski 'Callback Jan 11 '19 at 16:51
  • 1
    To get public key for you PEM file in RSA format: `ssh-keygen -y -f path/to/file.pem`. [Details](https://inkel.github.io/posts/pem-to-authorized-keys/) – Samuel Oct 16 '19 at 02:33
  • Can I convert id_rsa to ppk in a terminal? I know of puttygen. – Timo Nov 06 '20 at 12:46
  • The answer is incorrect about .ppk files. They contain sections. Each section is a type of key. – David Spector Feb 01 '21 at 16:52
  • @DavidSpector you seem to compare apples to oranges. .ppk is an extension. What it stands for, what it may contain and what software uses it are three different questions. So before making bold statements, please check that you are answering the right question. – Eugene Mayevski 'Callback Feb 03 '21 at 11:41
  • Eugene, My "bold statement" was correct, but I think you are correct too, which reinforces my confusion rather than resolves it. I have found many postings about keys, certificates, etc., and not one of them is complete. I wish that someone would post a complete description of each possible security file, categorized by file extension, if any, first line of the contents, and exactly what it means and how it is used, and all that for Windows, Linux, and Mac. Such a complete description would help the many programmers who, like me, are confused each time an unfamiliar file must be used. – David Spector Feb 04 '21 at 16:03