You can create an SSH key pair in the Elastic Compute Service (ECS) console. You can also use a third-party tool to generate an SSH key pair and import the public key of the key pair to Alibaba Cloud.
Prerequisites
The public key information of the SSH key pair that you want to import is obtained. For information about how to obtain the public key information of SSH key pairs, see View public key information.
Background information
Do not import private keys. Keep private keys secure. To log on to an ECS instance to which a key pair is bound, you must provide the private key.
Only one public key can be imported to an ECS instance.
Each Alibaba Cloud account can have up to 500 key pairs in a region. For more information, see Limits.
Imported public keys must be encoded in Base64
and support one of the following encryption methods:
rsa
dsa
ssh-rsa
ssh-dss
ecdsa
ssh-rsa-cert-v00@openssh.com
ssh-dss-cert-v00@openssh.com
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com
Procedure
Log on to the ECS console.
In the left-side navigation pane, choose .
In the upper-left corner of the top navigation bar, select a region.
Click Create Key Pair.
In the Create SSH Key Pair dialog box, configure the parameters that are described in the following table.
Parameter
Description
Name
Enter a name for the key pair. The key pair name must be unique. The name must be 2 to 128 characters in length and can contain letters, digits, periods (.), underscores (_), hyphens (-), and colons (:). It cannot start with a digit or special character.
Creation Type
Select Import.
Public Key
Enter a public key.
Resource Group
You can assign the key pair to a resource group for easy management. For more information, see Resource groups.
Tag
Select one or more tags to add to the key pair. This facilitates resource search and aggregation. For more information, see Overview of tags.
Click OK.
What to do next
You can bind the imported key pair to ECS instances. For more information, see Bind an SSH key pair to an instance.