Logging In to a Linux ECS with a Private Key
-
Data encryption Workshop (DEW) is a full-stack data encryption service in the cloud. The Key Pair Service (KPS) provided by DEW is a secure, reliable, and easy-to-use key pair management service. As an alternative to the traditional username+password authentication method, key pairs are provided for you to remotely log in to Linux ECSs.
-
A key pair, including one public key and one private key, are generated based on an encryption algorithm. The public key is automatically saved in HUAWEI CLOUD, while the private key can be saved to your local host. You can also save your private keys in HUAWEI CLOUD and manage them with KPS as needed.
-
This guide uses logging in to a Linux ECS with a created key pair as an example, helping you get start with KPS quickly.
Step1 Prepare the environment.
1. Log in to the HUAWEI CLOUD management console.
2. On the console page of HUAWEI CLOUD, click Service List on the top navigation bar, and choose Computing > Elastic Cloud Server. Create an ECS to be bound to a key pair.
Note
1. An ECS needs to be bound to an elastic IP address.
2. If you already have an ECS, you can use it instead of creating a new one.
1
Logging in to the management console
2
Purchasing an ECS
View Image
Step2 Create a key pair.
1. On the console page of HUAWEI CLOUD, click Service List on the top navigation bar, and choose Security > Data Encryption Workshop.
2. In the navigation pane on the left, select Key Pair Service. The Key Pair Service page is displayed. Then click Create Key Pair.
Note
1. You can determine whether to have your private keys managed by KPS on HUAWEI CLOUD according to your needs.
2. To ensure ECS security, private keys that are not managed by HUAWEI CLOUD can be downloaded only once. Keep your downloaded private keys properly. Private keys that are managed by HUAWEI CLOUD can be exported anytime when you need.
1
Selecting DEW
2
Creating a key pair
View Image
Step3 Bind the key pair.
1. On the Key Pair Service page, click ECS List. The ECS list is displayed.
2. Click Bind in the row where the target ECS is. In the Bind Key Pair dialog box that is displayed, complete the configuration and click OK.
Note
1. If you have the root password of the ECS, you can directly enter the password to bind the key pair to the ECS.
2. If you do not have the root password of the ECS, you can shut down the ECS and bind the key pair when the ECS is in the shut-down state.
1
ECS list
2
Binding a key pair
View Image
Step4 Use a private key to log in to an ECS.
1. Open the third-party tool PuTTY.
2. Enter the username of the ECS image.
3. Upload the private key file in .ppk format.
4. Enter the elastic IP address of the ECS.
Note
1. If the public image is a CoreOS image, the username is core. For a non-CoreOS public image, the username is root.
2. The format of the private key to be uploaded must be a .ppk file.
1
Using the third-party tool PuTTY
2
Entering the username of an ECS image
3
Uploading the private key file
4
Entering the elastic IP address
View Image
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.