You can create an SSH key pair in the ECS console. You can also use a tool to generate a key pair and import its public key to Alibaba Cloud.


You have obtained the public key information of the key pair to be imported.

Background information

Note Do not import the private key. Store the private key in a safe location. To log on to an ECS instance that is bound with a key pair, you must have the private key.

An Alibaba Cloud account can have a maximum of 500 key pairs in a region. For more information, see Limits.

An imported public key must be Base64 encoded and supports one of the following encryption methods:
  • RSA
  • DSA
  • ssh-rsa
  • ssh-dss


  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Network & Security > SSH Key Pair.
  3. In the top navigation bar, select a region.
  4. Click Create SSH Key Pair.
  5. Enter a key pair name and set Creation Type to Import.
    Note The key pair name must be unique. Otherwise, you are prompted that the name is already in use.
  6. In the Public Key field, enter the public key to be imported.
  7. Click OK.

What to do next

Connect to a Linux instance by using an SSH key pair