ScanSkill
Home Blog Courses Contact Us About Us Privacy Policy
Sign up for daily dose of tech articles at your inbox.
DevOps AWS

[SOLVED] Load .pem file: Invalid Format — Error Connecting to Server with SSH and Private Key

Sagar Budhathoki
[SOLVED] Load .pem file: Invalid Format — Error Connecting to Server with SSH and Private Key
[SOLVED] Load .pem file: Invalid Format — Error Connecting to Server with SSH and Private Key

In this article, we’ll discuss different solutions to “Load key ‘yourprivkey.pem’: invalid format” i.e. error connecting to server with ssh and private key.

If you get such an error when trying to SSH into a remote server using a private key file even if the private key you’re using is valid, it may be because the key was generated with PuTTY or similar.

In my case, I was trying to connect(from Arch Linux) to an Amazon AWS EC2 instance(ubuntu) using a private key generated on another machine, but then I got the error:

Load key "myprivkeyfile.pem": invalid format

Since there was no possibility to regenerate SSH key again, I tried several approaches to solve the issue, and I finally different solutions for this error.

My issue was fixed with both Solution-2 and Solution-3.

Prerequisites

  • OpenSSH set up on your machine

Solutions

In your case, one of the following might be the solutions for such an error.

Solution-1: Private Key file formatting

In most cases, your private key file format may cause this error. So, first, simply check the key file format. Private Key file (.pem) should begin with ----BEGIN OPENSSH PRIVATE KEY----- and should end with ----END OPENSSH PRIVATE KEY-----. So, check if there are any extra letters or lines, or characters present. If present edit the file and retry to SSH.

Your private file should look like this:

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAsdfdfAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACDWik6Vi8QNoN+fmW/vWZpelbPUZrOdrGuQEdsfsdTSHlUyANgAA
AIjTxTHV08Ux1QAAAAtzc2gtZWQyNdfsdTUxOQAAACDWik6VfsdaNoN+fmW/vWZpelbPU
ZrOdrGuQETSHlUyANgAAAEAwUQIBATAFBgMrZXAEIgQgwHMZQ5Lqoqo5MKEKzsdfffJxH
q9aKTpWLxA2g35+Zb+9Zml6Vs9Rms52sa5ARNIeVTIA2AAAAAAECAwQFsdfsdfsd
-----END OPENSSH PRIVATE KEY-----

Solution-2: Using PuTTY

In my case, it was the issue with the OpenSSH update(since I was using Arch Linux) and PuTTYgen. So, I installed PuTTY in my system and generated .ppk file from my private .pem key (myprivkefile.pem). Then I tried to SSH into the server again and now I am able to connect using SSH.

Steps:

$ sudo pacman -S putty

You may need to install putty-tools if you’re using another OS(e.g ubuntu) than Arch Linux. Download it if needed.

For Ubuntu:

$ sudo apt-get install putty-tools

For windows, download PuTTY and install it.

Then generate a .ppk file from a private key file:

For Linux/Mac:

$ puttygen myprivkey.pem -o myprivkey.ppk

For Windows

  • Open PuTTYGen and click on Load button.
  • Set file type to *.* and select PEM file and Click Save Private Key.
  • The newly converted .ppk file is now ready.

Now connect using .ppk file with PuTTY.

  • Go to Connection > SSH > Auth.
  • Select .ppk file you just created.
  • Now, go to Connection > Data.
  • In Auto-login username, type user of your server. In my case, it’s ubuntu.
  • Finally, click on Open. And you will get connected to the server:

Solution-3: Using Re-conversion of PEM file

Sometimes, PuTTY may not be suitable for some operations like — scp copying or moving files between the server and the local machine. In such a case, you may need to use the terminal only and this is the solution for you.

For this also, you need to install PuTTY on your machine.

Convert invalid PEM file into .ppk file as in solution-2. Then again convert just converted .ppk file into new .pem file:

For Linux/Mac:

$ puttygen myprivkey.ppk -O private-openssh -o newmyprivkey.pem

For Windows:

  • Open PuTTYgen. (Download it, if you haven’t already)
  • Under File, Click on Load private key.
  • Load .ppk file,
  • From Conversions tab click on Export OpenSSH Key.
  • Save new private key with extension .pem.

You can also try converting an old PEM file instead of .ppk file to a new PEM file. And for anyone who has tried puttygen ~/path/to/yourprivkey.pem -O private-openssh -o ~/path/to/yourprivkey-new.pem and got an error message saying puttygen: this command would perform no useful action there is another format you can use as follows:

$ puttygen myprivkey.pem -O private-openssh-new -o newmyprivkey.pem

And now you are ready to use the key to log in to your server with the newly generated PEM file(newmyprivkey.pem). Try SSH-ing.

$ chmod 400 newmyprivkey.pem
$ ssh -i newmyprivkey.pem ubuntu@ec2-1-3-13-7.ap-southeast-2.compute.amazonaws.com

Hurrah!! you’ll be now able to connect using a new private key.

Conclusion

In this article, we discussed how we can solve the error connecting to server with SSH and private key.

Thank you!!

Sign up for daily dose of tech articles at your inbox.
Learn To Code
References Examples
ScanSkill Blogs
Copyright 2024 — ScanSkill. All rights reserved. Maintained By CloudyFox Developers