30

Running "ssh-keygen -t dsa" generates two files, a private and public key. It's simple enough to comprehend that the private key is used to identify yourself to the outside world, which only sees your public key.

However, I've also seen ".pem" files used as well, and I use them myself. What's the relationship between the .pem file and pub files? I was hoping for a simple answer, but other questions (https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file) seem to indicate that there is no simple explanation for why a pem file might be better/worse in different scenarios to a pub file.

jayunit100

2 Answers

17

The .pub file format is used by SSH to store the public key; this key needs to be shared with a server.

.pem (Privacy Enhanced Mail) is a base64 container format for encoding keys and certificates. A .pem file is downloaded from AWS when you create your key pair. This is a one-time download only, and you cannot download it again.

.ppk (PuTTY Private Key) is a Windows SSH client; it does not support the .pem format. Hence you have to convert it to .ppk format using PuTTYgen.

A non-suffixed SSH file is a private key.


Convert PEM to PPK file format

puttygen server.pem -O private -o server.ppk

Create a PEM from a PPK file

puttygen server.ppk -O private-openssh -o server.pem

Premraj
  • https://www.chiark.greenend.org.uk/~sgtatham/putty/ says Putty is for both Windows and Unix Platforms. – NealWalters May 11 '20 at 14:45
  • 1
    Was the Question somehow specific to AWS or PPK? I'm trying to understand the relevancy here. – cellepo Jul 08 '20 at 01:34
  • This answer could tell us how to create a .pub file. My server (cPanel) gives me a certificate and a private key, so I'd like to know how to create all the other formats from those two. – David Spector Feb 01 '21 at 16:46
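
The formats named in the answer above can be told apart from the file's content rather than its extension. The following is an added example, not code from the original posts: it classifies key text as an OpenSSH .pub line, a PEM container or a PuTTY .ppk file and reports whether it carries private key material. The function names and the sample keys are constructed for illustration.

```python
import base64
import struct

def read_ssh_string(blob, offset=0):
    """Read one SSH wire-format string: uint32 big-endian length, then bytes."""
    (length,) = struct.unpack_from(">I", blob, offset)
    start = offset + 4
    if start + length > len(blob):
        raise ValueError("truncated SSH string")
    return blob[start:start + length], start + length

def classify_key_text(text):
    """Return (container, detail) from the file's content, ignoring its name."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines:
        return ("unknown", "")
    first = lines[0]
    if first.startswith("-----BEGIN ") and first.endswith("-----"):
        label = first[len("-----BEGIN "):-5]  # e.g. "RSA PRIVATE KEY"
        ok = lines[-1] == f"-----END {label}-----"
        return ("pem" if ok else "pem-malformed", label)
    if first.startswith("PuTTY-User-Key-File-"):
        return ("ppk", first.partition(":")[2].strip())  # key algorithm
    fields = first.split(None, 2)  # "<type> <base64 blob> [comment]"
    if len(fields) >= 2:
        try:
            blob = base64.b64decode(fields[1], validate=True)
            inner, _ = read_ssh_string(blob)
        except (ValueError, struct.error):
            return ("unknown", "")
        # The blob repeats the key type; a mismatch means a damaged line.
        if inner.decode("ascii", "replace") == fields[0]:
            return ("openssh-pub", fields[0])
    return ("unknown", "")

def holds_private_key(text):
    """True when the content carries private key material (never share it)."""
    container, detail = classify_key_text(text)
    return container == "ppk" or (container == "pem" and "PRIVATE KEY" in detail)

# Constructed samples, not real keys: zero bytes stand in for key material.
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
SAMPLE_PUB = "ssh-ed25519 " + base64.b64encode(_blob).decode() + " user@example"
SAMPLE_PEM = "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n"
SAMPLE_PPK = "PuTTY-User-Key-File-2: ssh-ed25519\nEncryption: none\n"

if __name__ == "__main__":
    for name, sample in [("pub", SAMPLE_PUB), ("pem", SAMPLE_PEM), ("ppk", SAMPLE_PPK)]:
        print(name, classify_key_text(sample), holds_private_key(sample))
```

A PEM label of CERTIFICATE or PUBLIC KEY is classified as "pem" but not flagged as private, which is why the label, not the .pem suffix, decides whether a file is safe to hand out.
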
3

In SSH connections, keys are exchanged.

key1 is the private key and key.pub is the public key.

Read more at: Public-key cryptography

The .pem files are certificates (in base64), exchanged in the HTTPS protocol (TLS/SSL). Read more at: X.509

Ryan Casas
Angel