Convert OpenSSH Key Into PuTTY Format¶
About¶
The instructions below cover the case when one needs to use SSH key, already stored in OpenSSH format, with PuTTY or WinSCP on Windows desktop system.
Re-encrypt the key¶
Following the OpenSSH key format, the RSA and ECDSA private keys are stored in a key block format and encrypted by a cipher, which cannot be handled by PuTTYgen. Any attempt to decrypt that key block with PuTTYgen leads to the error message “Couldn’t load private key (unsupported cipher)”:
To avoid that error, one has to re-encrypt the private key first:
openssl ec -in ~/.ssh/id_ecdsa -des3 -out ~/.ssh/id_ecdsa.3des
or
openssl rsa -in ~/.ssh/id_rsa -des3 -out ~/.ssh/id_rsa.3des
Upon the execution of either of those command lines, one has to provide the correct password for decrypting the private key and then (twice) the same of different password for encrypting that key again.
Once ready, the file with the encrypted key (either ~/.ssh/id_ecdsa.3des or ~/.ssh/id_rsa.3des) should be transferred to the Windows desktop system, whereupon it can be converted into PuTTY format by following the steps recommended below.
Convert the key¶
You need to have the latest PuTTY installed along with its tools (PuTTYgen is part of that tools). If you do not have PuTTYgen executable available, download and run the PuTTY installer available at:
Warning
Always run the most recent version of PuTTY tools.
To run PuTTYgen go to the seach bar of Windows, type there “puttygen” (1), and click on the application icon (2):
In the applicaton’s window open the “Conversions” menu (1) and select “Import key” (2):
Select the file containing the private key in OpenSSH format (re-encrypted with 3DES, see above):
and provide the password that decrypts the key:
Upon the successful key loading, press “Save private key”:
and save the file under the name you wish (“.ppk” is the assumed file extension).
Getting help¶
See Getting help