Creating a Key Pair

Overview

A key pair that consists of a public key and a private key is required for authentication when you log in to an ECS. Both the public and private keys are used for authentication. Therefore, you must use an existing key pair or create a new one for remote login authentication.

Constraints

Creating a Key Pair on the Management Console

  1. Log in to the management console.
  2. Click in the upper left corner and select your region and project.
  3. Under Computing, click Elastic Cloud Server.
  4. In the navigation pane on the left, choose Key Pair.
  5. On the right side of the page, click Create Key Pair.
  6. Enter the key name and click OK.

    An automatically allocated key name consists of KeyPair- and a 4-digit random number. Change it to an easy-to-remember one, for example, KeyPair-xxxx_ecs.

  7. Manually or automatically download the private key file. The file name is the specified key pair name with a suffix of .pem. Securely store the private key file. In the displayed dialog box, click OK.

    This is the only opportunity for you to save the private key file. Keep it secure. When creating an ECS, provide the name of your desired key pair. Each time you log in to the ECS using SSH, provide the private key.

Creating a Key Pair Using puttygen.exe

  1. Download and install PuTTY and PuTTYgen.

    https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

    PuTTYgen is a key generator, which is used to create a key pair that consists of a public key and a private key for PuTTY.

  2. Obtain the public and private keys.

    1. Double-click puttygen.exe to switch to the PuTTY Key Generator page.
      Figure 1 PuTTY Key Generator
    2. Click Generate.

      The key generator automatically generates a key pair that consists of a public key and a private key. The public key is shown in the red box in Figure 2.

      Figure 2 Obtaining the public and private keys

  3. Copy the public key content to a .txt file and save the file in a local directory.

    Do not save the public key by clicking Save public key. Storing a public key by clicking Save public key of puttygen.exe will change the format of the public key content. Such a key cannot be imported to the management console.

  4. Save the private key and keep it secure. The private key can be downloaded only once.

    The format in which to save your private key varies depending on application scenarios:

    • Saving the private key in .ppk format
      When you are required to log in to a Linux ECS using PuTTY, you must use the .ppk private key. To save the private key in .ppk format, perform the following operations:
      1. On the PuTTY Key Generator page, choose File > Save private key.
        Figure 3 Save private key
      2. Save the converted private key, for example, kp-123.ppk, in a local directory.
    • Saving the private key in .pem format
      When you are required to log in to a Linux ECS using Xshell or attempt to obtain the password for logging in to a Windows ECS, you must use the .pem private key for authentication. To save the private key in .pem format, perform the following operations:
      1. Choose Conversions > Export OpenSSH key.

        If you use this private file to obtain the password for logging in to a Windows ECS, when you choose Export OpenSSH key, do not configure Key passphrase. Otherwise, obtaining the password will fail.

        Figure 4 Export OpenSSH key
      2. Save the private key, for example, kp-123.pem, in a local directory.

  5. Import the public key to the system. For details, see "Copying the public key content" in Importing a Key Pair.

Importing a Key Pair

If you store a public key by clicking Save public key of puttygen.exe, the format of the public key content will change. Such a key cannot be imported to the management console. To resolve this issue, obtain the public key content in correct format and import the content to the management console. For details, see Why Does a Key Pair Created Using puttygen.exe Fail to Be Imported on the Management Console?

  1. Log in to the management console.
  2. Click in the upper left corner and select your region and project.
  3. Under Computing, click Elastic Cloud Server.
  4. In the navigation pane on the left, choose Key Pair.
  5. On the right side of the page, click Import Key Pair.
    Figure 5 Import Key Pair
  6. Use either of the following methods to import the key pair:
    • Selecting a file
      1. On the Import Key Pair page of the management console, click Select File and select the local public key file, for example, the .txt file saved in 3.

        When importing a key pair, ensure that the public key is imported. Otherwise, the importing will fail.

      2. Click OK.

        After the public key is imported, you can change its name.

    • Copying the public key content
      1. Copy the content of the public key in .txt file into the Public Key Content text box.
      2. Click OK.

Helpful Links