TLDR: Just skip the step 2:
Under Type of key to generate, choose RSA.
If you're using an older version of PuTTYgen, choose SSH-2 RSA.
The AWS documentation is wrong here. To convert an existing private key file (pem to ppk) in PuTTYgen, you do not need to select key type. PuTTYgen will automatically detect key type from the private key file. You will see key type of the loaded key in the two top boxes.
Also note that while currently AWS always generates RSA keys, if they ever change that, just do not worry and keep the key as it was generated, no matter what type it will be.
The selection, that the documentation incorrectly refers to, is for "generating" new keys only (as its label clearly says). It has no effect at all for converting existing keys.
Anyway, to answer the question: That's the first "RSA" option:
The SSH-2 is de-facto standard these days. So in the recent versions of PuTTYgen, they opted not to mention the version explicitly (to save a space for the new ECDSA and ED25519 key types).
The screenshot in AWS documentation is from an older version of PuTTYgen that did not support the ECDSA and ED25519 key types.
Check the PuTTYgen documentation. It explicitly mentions that all key types (with obvious exception of the "SSH-1 (RSA)") are for SSH-2.
The current version of the SSH protocol, SSH-2, supports several different key types. PuTTYgen can generate:
- An RSA key for use with the SSH-2 protocol.
- A DSA key for use with the SSH-2 protocol.
- An ECDSA (elliptic curve DSA) key for use with the SSH-2 protocol.
- An Ed25519 key (another elliptic curve algorithm) for use with the SSH-2 protocol.
PuTTYgen can also generate an RSA key suitable for use with the old SSH-1 protocol (which only supports RSA); for this, you need to select the ‘SSH-1 (RSA)’ option. Since the SSH-1 protocol is no longer considered secure, it's rare to need this option.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…