Additional Dongle Security Solution for Terminal Login with PuTTY Private Key (PPK) File

Works with PuTTY, Tortoise SVN and Win SCP for Amazon AWS, GitHub , IBM and other clouds

TSafe 2 for PuTTY and PPK

TSafe 2 for PuTTY and PPK

ACP_PDF 2_file_document




Clouds like Amazon AWS, Github, IBM and others allows PuTTY and PuTTY Private Key (.ppk) file to log in as one of the way (for some it is the only way) for terminal login.

Using PuTTY and PuTTY Private Key for server login is considered to be a most EL RTCCsecure way to log into servers. They are but only to the extent of data transaction between your system and the cloud server.

Within your organisation, if an unauthorised person gets hold of the PuTTY Private Key (.ppk) file he can log in to the server.

On one hand use of PuTTY private key provide a better security than login id and password but unauthorised access to PPK files increases vulnerability and risk.

TSafe2 file Protection for PuTTY is designed especially to prevent unauthorised use of PuTTY private key files (.ppk files). It encrypts the PPK file using AES 128 algorithm and the encryption key is stored in a USB Dongle.

Existing Vulnerability in using PPK:

  1. Anyone who gets hold of PPK file can log in to the server.


What security TSafe2 Adds:

  1. PPK can be used only with authorised USB Dongle
  2. USB Dongle is also protected with a user-definable password.

How it works

  1. TSafe2 PuTTY file protection system comes with the management tool to help you create dongle, store PPK and directly send encrypted PPK t the user by email.
  2. On user system, it requires one-time installation of windows service which runs in the background and detects dongles and allows PPK decryption on the fly. Unencrypted files are not saved on the disc but remains only in memory elimination possibility of creating a normal PPK file by the user.
  3. A user can work on multiple servers simultaneously just like he does without encryption.
  4. PuTTY, Tortoise SVN and WinSCP can work with encrypted PPK files when authorized dongle is connected to the system.
  5. Additionally dongles are password protected to eliminate the possibility of misuse when lost.


1. TSafe2 Help ACP_PDF 2_file_document
2. TSafe2 Management Tool Download
3.A Operation of TSafe2 File Protection for PuTTY
4. Shortcode for this page is