How to get a .pem file from ssh key pair?

I created a key pair using ssh-keygen and get the two clasic id_rsa and id_rsa.pub.

I imported the public key into my AWS EC2 account.

Now I created a windows instance and to decrypt that instance password, AWS console is asking me for a .pem file. How I can get that .pem file from my two id_rsa and id_rsa.pub files?

Solution

According to this, this command can be used:

ssh-keygen -f id_rsa -e -m pem

This will convert your public key to an OpenSSL compatible format. Your private key is already in PEM format and can be used as is (as Michael Hampton stated).

Double check if AWS isn't asking for a (X.509) certificate in PEM format, which would be a different thing than your SSH keys.

Comments (5)

+1 – But they don't need the public key do they? They need the private key for decrypting their password from the AWS Console — Jul 16, 2015 at 18:40
+1 – There's also good information on this here: unix.stackexchange.com/questions/26924/… — Jul 16, 2015 at 20:17
+1 – This doesn't work on OS X (ssh -v ==> OpenSSH_6.2p2) — Mar 03, 2016 at 20:50
+5 – contrary to the documentation, it will output PUBLIC key in PEM format, not the private one. currently ssh-keygen does not support converting private keys. — Aug 10, 2018 at 08:44
+3 – id_rsa contains the keypair, not just the private key. — Jul 30, 2020 at 07:41

Linked Articles

Local articles referenced by this article:

ssh - Converting keys between openssl and openssh

References

https://serverfault.com/questions/706336