31

Running "ssh-keygen -t dsa" generates two files, a private and public key. Its simple enough to comprehend that the private key is used to identify yourself to the outside world, which only sees your public key.

However, I've also seen ".pem" files used as well, and I use them myself. Whats the relationship between the .pem file and pub files. I was hoping for a simple answer, but other questions (https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file) seem to indicate that there is no simple explanation for why a pem file might be better/worse in different scenarios to a pub file.

Community
  • 1
jayunit100
  • 641

2 Answers2

18

.pub file format is used by SSH for public key store, this key need to share with a Server.

.pem (Privacy Enhanced Mail) is a base64 container format for encoding keys and certificates. .pem download from AWS when you created your key-pair. This is only a one time download and you cannot download it again.

.ppk (Putty Private Key) is a windows ssh client, it does not support .pem format. Hence you have to convert it to .ppk format using PuTTyGen.

non suffixed ssh file is a private key

Convert PEM to PPK file format

puttygen server.pem -O private -o server.ppk

Convert PPK to PEM file format

puttygen server.ppk -O private-openssh -o server.pem
s3c
  • 123
Premraj
  • 2,356
3

In SSH connections, keys are exchanged.

key1 is the private key and key.pub is the public key.

Read more at: Public-key cryptography

The .pem files are certificates (in base64), exchanged in HTTPS protocol (TLS/SSL). Read more at: X.509

Ryan Casas
  • 103
Angel
  • 118