How Do I Create a Key Pair?
Creating a Key Pair Using the Management Console
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click . Choose .
- In the navigation pane on the left, click Key Pair Service.
- Click Create Key Pair.In the displayed dialog box, enter the key pair name, as shown in Figure 1.
- (Optional) Select a key pair type. If no key pair is enabled for your account, an SSH_RSA_2048 key pair will be created by default.
Currently, only the RSA algorithm can be used with Windows.
- Read and select I agree to host the private key of the key pair. if needed. Select an encryption key from the KMS encryption drop-down list box. Skip this step if not needed.
- KPS encrypts private keys using the encryption key provided by KMS. When you use the KMS encryption function of the key pair, KMS creates a default key kps/default for you to use.
- For details about the custom keys created on KMS, see Creating a Key.
Figure 2 Managing private keys
- Read the Key Pair Service Disclaimer and select I have read and agree to the Key Pair Service Disclaimer.
- Click OK. The browser automatically downloads the private key. When the private key is downloaded, a dialog box is displayed.
- Save the private key as prompted by the dialog box.
- If the private key is not managed, it can be downloaded only once. Keep it properly. If the private key is lost, you can bind a key pair to the ECS again by resetting the password or key pair. For details, see How Do I Handle the Failure in Logging In to ECS After Unbinding the Key Pair?.
- If you have authorized Huawei Cloud to manage the private key, you can export the private key anytime as required.
- Click OK. After the key pair is created, you can view the information in the key pair list, including name, fingerprint, status, and private key.
After the key pair is created, download the private key to your local host and keep it securely.
Creating a Key Pair Using PuTTYgen
- Generate the public and private keys. Double-click PuTTYgen.exe. The PuTTY Key Generator page is displayed, as shown in Figure 3.
- Configure the parameters as described in Table 1.
Table 1 Parameter description Parameter
Description
Type of key to generate
Encryption and decryption algorithm of key pairs to be imported to the management console. Currently, only SSH-2 RSA is supported.
Number of bits in a generated key
Length of a key pair to be imported to the management console. Currently, the following length values are supported: 1024, 2048, and 4096.
- Click Generate to generate a public key and a private key. See Figure 4.
- Copy the information in the blue square and save it in a local .txt file.
Do not save the public key by clicking Save public key. If you save a public key using Save public key, the public key format will be changed and cannot be imported to the management console directly.
- Save the private key in PPK or PEM format.
For security purposes, the private key can only be downloaded once. Keep it secure.
Table 2 Format of a private key file Private Key File Format
Private Key Usage Scenario
Saving Method
PEM
- Use the Xshell tool to log in to the cloud server running the Linux operating system.
- Manage the private key on the management console.
- Choose Conversions > Export OpenSSH key.
- Save the private key, for example, kp-123.pem, to a local directory.
Obtain the password of a cloud server running the Windows operating system.
- Choose Conversions > Export OpenSSH key.
NOTE:
Do not enter the Key passphrase information. Otherwise, the password fails to be obtained.
- Save the private key, for example, kp-123.pem, to a local directory.
PPK
Use the PuTTY tool to log in to the cloud server running the Linux operating system.
- On the PuTTY Key Generator page, choose File > Save private key.
- Save the private key, for example, kp-123.ppk, to a local directory.
After the public key and private key are correctly saved, you can import the key pair to the management console.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.