Data Encryption Workshop
Data Encryption Workshop
- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Key Management Service
- Cloud Secret Management Service
- Key Pair Service
- Dedicated HSM
- Auditing Logs
- Permission Control
- Best Practices
-
API Reference
- Before You Start
- Calling APIs
- API Overview
- APIs
- Application Examples
- Permissions Policies and Supported Actions
- Appendix
- Change History
- SDK Reference
-
FAQs
-
KMS Related
- What Is Key Management Service?
- What Is a Customer Master Key?
- What Is a Default Key?
- What Are the Differences Between a Custom Key and a Default Key?
- What Is a Data Encryption Key?
- Why Cannot I Delete a CMK Immediately?
- Which Cloud Services Can Use KMS for Encryption?
- How Do Huawei Cloud Services Use KMS to Encrypt Data?
- What Are the Benefits of Envelope Encryption?
- Is There a Limit on the Number of Custom Keys That I Can Create on KMS?
- Can I Export a CMK from KMS?
- Can I Decrypt My Data if I Permanently Delete My Custom Key?
- How Do I Use the Online Tool to Encrypt or Decrypt Small Volumes of Data?
- Can I Update CMKs Created by KMS-Generated Key Materials?
- How Are Default Keys Generated?
- What Should I Do If I Do Not Have the Permissions to Perform Operations on KMS?
- Why Can't I Wrap Asymmetric Keys by Using -id-aes256-wrap-pad in OpenSSL?
- Key Algorithms Supported by KMS
- What Should I Do If KMS Failed to Be Requested and Error Code 401 Is Displayed?
- CSMS Related
-
KPS Related
- How Do I Create a Key Pair?
- What Are a Private Key Pair and an Account Key Pair?
- How Do I Handle an Import Failure of a Key Pair Created Using PuTTYgen?
- What Should I Do When I Fail to Import a Key Pair Using Internet Explorer 9?
- How Do I Log In to a Linux ECS with a Private Key?
- How Do I Use a Private Key to Obtain the Password to Log In to a Windows ECS?
- How Do I Handle the Failure in Binding a Key Pair?
- How Do I Handle the Failure in Replacing a Key Pair?
- How Do I Handle the Failure in Resetting a Key Pair?
- How Do I Handle the Failure in Unbinding a Key Pair?
- Do I Need to Restart Servers After Replacing Its Key Pair?
- How Do I Enable the Password Login Mode for an ECS?
- How Do I Handle the Failure in Logging In to ECS After Unbinding the Key Pair?
- What Should I Do If My Private Key Is Lost?
- How Do I Convert the Format of a Private Key File?
- Can I Change the Key Pair of a Server?
- Can a Key Pair Be Shared by Multiple Users?
- How Do I Obtain the Public or Private Key File of a Key Pair?
-
Dedicated HSM Related
- What Is Dedicated HSM?
- How Does Dedicated HSM Ensure the Security for Key Generation?
- Do Equipment Room Personnel Has the Super Administrator Role to Steal Information by Using a Privileged UKey?
- What HSMs Are Used for Dedicated HSM?
- What APIs Does Dedicated HSM Support?
- How Do I Enable Public Access to a Dedicated HSM Instance?
- Pricing
- General
- Change History
-
KMS Related
- Videos
On this page
Help Center/
Data Encryption Workshop/
User Guide/
Key Pair Service/
Using Key Pairs/
Binding a Key Pair
Binding a Key Pair
Updated on 2024-09-29 GMT+08:00
If you set the login mode to Password when purchasing an ECS running Linux, and you need to change the login mode to Key Pair, you can bind the key pair to the ECS on the KPS console, KPS will configure the key pair. After the key pair is bound, you can use the private key to log in to the ECS.
This section describes how to bind a key pair to an ECS on the KPS console.
Prerequisites
- The ECS must be in the Running or Shut down state.
- The ECS has not been bound to a key pair.
- The ECS whose key pair is to be reset uses the public image provided by Huawei Cloud.
- To bind to a key pair, you can write the public key of the user to the /root/.ssh/authorized_keys file on the server. Ensure that the file is not modified before binding to the key pair. Otherwise, the binding will fail.
- The SSH port (22 by default) of the ECS security group must allow traffic from the 100.125.0.0/16 CIDR block in advance.
Constraints
- On the management console, key pairs cannot be bound to ECSs that run Windows.
- Key pairs cannot be bound to public images running CoreOS, OpenEuler, FreeBSD (Other), Kylin V10 64-bit, or UnionTech OS Server 20 Euler 64-bit.
Binding a Key Pair
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- Click
. ChooseSecurity > Data Encryption Workshop.
- In the navigation pane on the left, click Key Pair Service.
- Click ECS List to view ECSs.
- Click Bind in the row of an ECS to open the Bind Key Pair dialog box.
- If the ECS is shut down, a dialog box will be displayed, as shown in Figure 1.
- If the ECS is running, you need to provide the root password, as shown in Figure 2.
NOTE:
- If you have the root password of the ECS, you can directly enter the password to bind the key pair to the ECS.
- If you do not have the root password of the ECS, you can shut down the ECS, and bind the key pair when the ECS is in Shut down state.
- Select a new key pair from the drop-down list box of New Key Pair.
- The default port number is 22 and can be modified.
NOTE:
- You can choose whether to disable the password login mode as necessary. By default, the password login mode is disabled.
NOTE:
- If you do not disable the password login mode, you can use the password or the key pair to log in to the ECS.
- If the password login mode is disabled, you can use only the key pair to log in to the ECS. If you need to use the password login mode later, you can enable the password login mode again. For details, see How Do I Enable the Password Login Mode for an ECS?.
- Read and select I have read and agree to the Key Pair Service Disclaimer.
- Click OK to complete the operation.
- If the ECS is not shut down, use the root password to bind the key pair. It takes about 30 seconds to complete.
- If the ECS is shut down, the binding operation may take about five minutes.
Parent topic: Using Key Pairs
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
The system is busy. Please try again later.