This topic describes how to create an SSH key pair in the ECS console. After a key pair is created, immediately download and save its private key to a safe location. To log on to an ECS instance that is bound with a key pair, you must have the private key. You can have a maximum of 500 key pairs in a region.


  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Network & Security > SSH Key Pairs.
  3. In the top navigation bar, select a region.
  4. Click Create SSH Key Pair.
  5. On the Create SSH Key Pair page, configure the following parameters.
    Parameter Description
    SSH Key Pair Name The key pair name must be unique. The name must be 2 to 128 characters in length and can contain letters, digits, and the following special characters: periods (.), underscores (_), hyphens (-), and colons (:). It cannot start with a special character or digit.
    Creation Type You can select one of the following types of SSH key pairs: We recommend that you select Auto-create and save the private key in a timely manner.
    • Auto-create: The system automatically creates a key pair for you. Download the private key immediately after its creation. You cannot download the private key at any time afterwards.
    • Import: You can import a Base64-encoded public key.
    Tag You can bind one or more tags to the key pair to facilitate resource search and aggregation. For more information, see Overview.
  6. Click OK.

What to do next

Attach or remove an SSH key pair