You can call this operation to create an SSH key pair. The system stores the public key and returns the unencrypted private key. The private key is encoded with PEM and is in the PKCS#8 format. You must store the private key on your own and ensure its confidentiality.

Description

In addition to calling CreateKeyPair, you can create a key pair through a third-party tool and call the ImportKeyPair operation to upload the key pair to an Alibaba Cloud region.

A maximum of 500 key pairs can be created in each region. For more information, see Limits.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String No CreateKeyPair

The operation that you want to perform. Set the value to CreateKeyPair.

KeyPairName String Yes TestKeyPairV23

The name of the key pair. The name must be 2 to 128 characters in length and can contain letters, digits, colons (:), underscores (_), and hyphens (-). The name must start with a letter but cannot start with http:// or https://.

RegionId String Yes cn-hangzhou

The region ID of the key pair. You can call the DescribeRegions operation to query the most recent region list.

Tag.N.Key String No Test

The key of tag N of the key pair. Valid values of N: 1 to 20. It cannot be an empty string. The tag key can be up to 128 characters in length and cannot contain http:// or https://. It cannot start with acs: or aliyun.

Tag.N.Value String No Test

The value of tag N of the key pair. Valid values of N: 1 to 20. It can be an empty string. The tag value can be up to 128 characters in length and cannot contain http:// or https://. It cannot start with acs:.

ResourceGroupId String No rg-bp67acfmxazb4ph***

The ID of the enterprise resource group to which the SSH key pair belongs.

Response parameters

Parameter Type Example Description
KeyPairFingerPrint String 89:f0:ba:62:ac:b8:aa:e1:61:5e:fd:81:69:86:6d:6b:f0:c0:5a:**

The fingerprint of the key pair. The message-digest algorithm 5 (MD5) is used for the fingerprint based on the public key fingerprint format defined in RFC 4716. For more information, see RFC 4716.

KeyPairId String ssh-bp67acfmxazb4ph***

The ID of the SSH key pair.

KeyPairName String TestKeyPairV23

The name of the key pair.

PrivateKeyBody String MIIEpAIBAAKCAQEAtReyMzLIcBH78EV2zj****

The private key of the key pair. The private key is encoded with PEM and is in the PKCS#8 format.

RequestId String 473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E

The ID of the request.

Examples

Sample requests

https://ecs.aliyuncs.com/?Action=CreateKeyPair
&RegionId=cn-hangzhou
&KeyPairName=TestKeyPairV23
&<Common request parameters>

Sample success responses

XML format

<CreateKeyPairResponse>
      <RequestId>473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E</RequestId>
      <KeyPairName>test</KeyPairName>
      <KeyPairId>ssh-bp67acfmxazb4ph***</KeyPairId>
      <KeyPairFingerPrint>89:f0:ba:62:ac:b8:aa:e1:61:5e:fd:81:69:86:6d:6b:f0:c0:5a:**</KeyPairFingerPrint>
      <PrivateKeyBody>MIIEpAIBAAKCAQEAtReyMzLIcBH78EV2zj****</PrivateKeyBody>
</CreateKeyPairResponse>

JSON format

{
    "RequestId": "473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E",
    "KeyPairName": "TestKeyPairV23",
    "KeyPairId": "ssh-bp67acfmxazb4ph***",
    "KeyPairFingerPrint": "89:f0:ba:62:ac:b8:aa:e1:61:5e:fd:81:69:86:6d:6b:f0:c0:5a:**",
    "PrivateKeyBody": "MIIEpAIBAAKCAQEAtReyMzLIcBH78EV2zj****"
}

Error codes

HttpCode Error code Error message Description
400 InvalidKeyPairName.Malformed Specified Key Pair name is not valid. The error message returned because the KeyPairName parameter is invalid.
403 QuotaExceed.KeyPair The key pair quota exceeds. The error message returned because the maximum number of key pairs has been reached.
400 KeyPair.AlreadyExist The key pair already exist. The error message returned because a key pair with the same name already exists. Duplicate key pairs cannot be added.
404 InvalidResourceGroup.NotFound The ResourceGroup provided does not exist in our records. The error message returned because the resource group does not exist.
400 Duplicate.TagKey The Tag.N.Key contain duplicate key. The error message returned because the specified tag key already exists. Tag keys must be unique.
400 InvalidTagKey.Malformed The specified Tag.n.Key is not valid. The error message returned because the specified Tag.N.Key parameter is invalid.
400 InvalidTagValue.Malformed The specified Tag.n.Value is not valid. The error message returned because the specified Tag.N.Value parameter is invalid.

For a list of error codes, visit the API Error Center.