Skip to content
ZestSSH Docs

Importing from Other Apps

ZestSSH can import connections and keys from three sources: OpenSSH config files, PuTTY .ppk key files, and PuTTY saved sessions from the Windows registry. This page explains what each import method supports and what you should expect.

Importing from SSH config files

Section titled “Importing from SSH config files”

If you have an existing ~/.ssh/config file, you can import its connection entries into ZestSSH.

Navigate to Settings > Import > SSH Config. You can either:

  • Tap Browse to pick the file from your device’s file system.
  • Paste the config file contents directly into the text field.

ZestSSH parses each Host block and extracts the following directives:

DirectiveImportedNotes
HostYesUsed as the connection label
HostNameYesFalls back to Host value if omitted
PortYesDefaults to 22
UserYesUsername for the connection
IdentityFileYesStored as a reference (key not auto-imported)
ProxyJumpYesStored for display; jump host support varies

What does not import

Section titled “What does not import”

The following directives are parsed by the config reader but are not converted into ZestSSH connection settings:

  • ProxyCommand — recognized but not mapped to a connection field.
  • LocalForward, RemoteForward, DynamicForward — port forwarding rules are recognized by the parser but not imported as forwarding rules. You need to configure these manually in ZestSSH.
  • ServerAliveInterval, ServerAliveCountMax — recognized but not applied.
  • ForwardAgent — recognized but not applied.
  • Match blocks — parsed as separate blocks but not imported as connections.
  • Wildcard Host * blocks — skipped entirely.

Validation and security

Section titled “Validation and security”

The importer rejects entries with:

  • Hostnames containing control characters, shell metacharacters, or exceeding 253 characters.
  • Ports outside the 1-65535 range.
  • Usernames containing control characters or exceeding 128 characters.
  • IdentityFile paths containing .. (path traversal).

If an entry is rejected, it is silently skipped. The import summary shows how many entries were successfully parsed.

Example

Section titled “Example”

Given this config file:

Host prod-web
    HostName 10.0.1.50
    Port 2222
    User deploy
    IdentityFile ~/.ssh/deploy_ed25519


Host staging
    HostName staging.example.com
    User admin

ZestSSH creates two connections: “prod-web” (10.0.1.50:2222, user deploy) and “staging” (staging.example.com:22, user admin). The IdentityFile reference is stored, but you still need to import or generate the corresponding key separately in ZestSSH’s identity manager.

Importing PuTTY .ppk keys

Section titled “Importing PuTTY .ppk keys”

ZestSSH converts PuTTY .ppk files (v2 and v3) to OpenSSH PEM format so they can be used for key-based authentication.

Navigate to Identities > Import Key and select your .ppk file. ZestSSH detects the PuTTY format automatically by checking for the PuTTY-User-Key-File- header.

Supported key types

Section titled “Supported key types”
Key TypeSupported
ssh-rsaYes
ssh-ed25519Yes
ECDSANo
DSANo

Encrypted .ppk files

Section titled “Encrypted .ppk files”

Encrypted .ppk files are not yet supported for direct import. If your .ppk file is encrypted, you have two options:

  1. Open the key in PuTTYgen, remove the passphrase, and save it. Then import the unencrypted .ppk file.
  2. In PuTTYgen, use Conversions > Export OpenSSH key to export the key in OpenSSH PEM format. Then import the PEM file directly into ZestSSH.

Option 2 is recommended because it avoids the conversion step entirely.

How the conversion works

Section titled “How the conversion works”

ZestSSH reads the public and private key blobs from the .ppk file, extracts the cryptographic parameters (modulus, exponent, etc. for RSA; seed and public key for Ed25519), and re-encodes them in OpenSSH PEM format. The converted key is then stored in ZestSSH’s secure storage, not as a file on disk.

Importing PuTTY saved sessions (Windows only)

Section titled “Importing PuTTY saved sessions (Windows only)”

On Windows, ZestSSH can scan the Windows registry for PuTTY saved sessions and import them as connections.

Navigate to Settings > Import > PuTTY Sessions. ZestSSH queries the registry path:

HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions

For each saved session, it reads:

  • HostName — the server address.
  • PortNumber — the connection port (defaults to 22).
  • UserName — the login username.

The session name (registry key name) becomes the connection label in ZestSSH.

What does not import

Section titled “What does not import”
  • Stored passwords — PuTTY does not store passwords in the registry, and neither does this importer.
  • Private keys — PuTTY stores only the key file path (PublicKeyFile), not the key data. You need to import your .ppk file separately.
  • Proxy settings, tunnels, and terminal settings — these are PuTTY-specific and do not map to ZestSSH’s connection model.
  • Default Settings — the Default%20Settings session is always skipped.

Platform restriction

Section titled “Platform restriction”

This import method is only available on Windows. On other platforms, the PuTTY Sessions import screen displays a message explaining this limitation. If you need to move PuTTY sessions from a Windows machine to ZestSSH on Android or macOS, export your connections as an SSH config file or use ZestSSH’s encrypted backup feature to transfer between devices.

After importing

Section titled “After importing”

After any import, review the imported connections in the home screen. Check that hostnames, ports, and usernames are correct. If the import referenced identity files, make sure the corresponding keys are also imported or generated in ZestSSH.