PEM vs PPK: SSH Key Formats Compared

PEM and PPK store the same kind of SSH private key in two incompatible container formats. This article explains the difference, when to use each, and how to convert between them without regenerating the key.


PEM and PPK are two ways of packaging the same SSH private key. The underlying key material is identical — what differs is the container format and which tools can read it. PEM is the OpenSSH world (Linux, macOS, AWS); PPK is the PuTTY world (Windows). Knowing which is which saves a lot ofUnable to use key file errors.

What Is PEM?

PEM (Privacy-Enhanced Mail) is the base64, text-based container used by OpenSSH and most Unix tooling. You will recognise it by its header and footer lines:

text
-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAA... -----END OPENSSH PRIVATE KEY-----

You may also see older PEM variants such as -----BEGIN RSA PRIVATE KEY----- (PKCS#1) or-----BEGIN PRIVATE KEY----- (PKCS#8). These are still PEM — the header just names the internal encoding. OpenSSH (ssh, scp, sftp) and AWS EC2 all expect PEM.

What Is PPK?

PPK (PuTTY Private Key) is the proprietary format used by PuTTY and related Windows tools — WinSCP, FileZilla, and Pageant. A PPK file is human-readable and starts with a version line:

text
PuTTY-User-Key-File-3: ssh-ed25519 Encryption: none Comment: deploy@acme-corp Public-Lines: 2 AAAAC3NzaC1lZDI1NTE5AAAAIFq7kX2mPzR8wNvT4aYcE9oJd1sHguB6iLKM3nx5UeQZ ...

PPK bundles the public key, private key, a comment, and an integrity MAC in one file. Crucially, OpenSSH cannot read a .ppk directly — you must convert it to PEM first.

PPK Version 2 vs Version 3

There are two PPK versions in the wild, and the difference matters for compatibility:

  • PPK v2 — uses HMAC-SHA-1 for integrity and AES-256-CBC for passphrase encryption. Supported everywhere, including older WinSCP and CI systems.
  • PPK v3 — introduced in PuTTY 0.75, uses the memory-hard Argon2 key-derivation function for much stronger passphrase protection. Not readable by some older tools.
Hitting a compatibility error?If an older tool rejects your key, re-save it as PPK v2 in PuTTYgen (Key → Parameters), or convert it to PEM with the PPK to PEM converter.

Which Format Should You Use?

Match the format to the tool that will consume the key:

  • Use PEM for OpenSSH on Linux/macOS, AWS EC2 (ssh -i key.pem), Ansible, and most CI/CD pipelines.
  • Use PPK for PuTTY, Pageant, WinSCP, and FileZilla on Windows.

You never need to regenerate a key just to change formats — converting preserves the same key pair and fingerprint.

Converting Between PEM and PPK

The quickest path is the browser-based converters, which keep the same key and never store your file:

Prefer the command line? PuTTY's puttygen handles both directions:

bash
# PPK to OpenSSH PEM puttygen key.ppk -O private-openssh -o key.pem # OpenSSH PEM to PPK puttygen key.pem -o key.ppk
Fix permissions after converting to PEMOpenSSH refuses private keys that other users can read. After saving a PEM file, runchmod 600 key.pem (or chmod 400 for AWS) before using it.

New to SSH keys altogether? Start with SSH Keys Explained: Public vs Private Keys, or generate a fresh pair with the SSH Key Generator.