Updated on 2024-09-29 GMT+08:00

Importing a Key Pair

If you need to use your own key pair (for example, using the key pair created by the PuTTYgen tool), you can import the public key to the management console and use its private key to remotely log in to an ECS. You can also manage the private key on the management console of Huawei Cloud as necessary.

If multiple IAM users need to use the same key pair, use another tool (such as PuTTYgen) to create a key pair and import it for each of the IAM users separately.

Prerequisites

  • The public and private key files of the key pair to be imported are ready.
  • The imported key pair is an account key pair. If a private key pair with the same name has been created, a message will be displayed, indicating that the name already exists.
  • Each IAM user does not have a private key pair with the same name.
  • PKCS8 is supported for imported private keys. Convert the format if PKCS1 is used.

Constraints

  • The SSH keys imported to the KPS console support the following cryptographic algorithms:
    • SSH-DSS
    • SSH-ED25519
    • ECDSA-SHA2-NISTP256
    • ECDSA-SHA2-NISTP384
    • ECDSA-SHA2-NISTP521
    • SSH_RSA: The length can be 2048, 3072, and 4096 bits.
  • The format of the private key file that can be imported is PEM.

    If the file is in the .ppk format, convert it to a .pem file. For details, see How Do I Convert the Format of a Private Key File?.

  • If the imported private key is encrypted, the upload will fail.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click . ChooseSecurity > Data Encryption Workshop.
  4. In the navigation pane on the left, click Key Pair Service.
  5. Click Import Key Pair. In the displayed dialog box, click Select File and import a public key file, or paste the public keys in the Public Key Content text box, as shown in Figure 1.

    Figure 1 Importing a key pair
    • You can customize the name of an imported key pair.
    • If a message is displayed, indicating that the name already exists, change the key pair name.

  6. Read and select I agree to host the private key of the key pair. if needed, as shown in Figure 2. Skip this step if not needed.

    Figure 2 Managing private keys
    1. Click Select File, select the .pem private key file to be imported. Alternatively, you can copy and paste the private key content to the Private Key Content text box.
    2. Select an encryption key from the KMS Encryption drop-down list box.
      • KPS encrypts private keys using the encryption key provided by KMS. When you use the KMS encryption function of the key pair, KMS creates a default key kps/default for you to use.
      • For details about the custom keys created on KMS, see Creating a Key.

  7. Read the Key Pair Service Disclaimer and select I have read and agree to the Key Pair Service Disclaimer.
  8. Click OK to import the key pair.