Help Center> Elastic Cloud Server> User Guide> Passwords and Key Pairs> Key Pairs> Application Scenarios for Using Key Pairs
Updated on 2024-04-29 GMT+08:00

Application Scenarios for Using Key Pairs

Key Pairs

Key pairs are a set of security credentials for identity authentication when you remotely log in to ECSs.

A key pair consists of a public key and a private key. Key Pair Service (KPS) stores the public key and you store the private key. If you have imported a public key into a Linux ECS, you can use the corresponding private key to log in to the ECS without a password. You do not need to worry about password interception, cracking, or leakage.

You can use Data Encryption Workshop (DEW) to manage key pairs, including creating, importing, binding, viewing, resetting, replacing, unbinding, and deleting key pairs.

This section describes how to create and import a key pair. For details about other operations, see Managing Key Pairs.


When purchasing an ECS, you are advised to select the key pair login mode. For Windows ECSs, key pairs are required to decrypt the passwords so that you can use the decrypted password to log in.

  • Logging in to a Linux ECS
    You can directly use a key pair to log in.

Creating a Key Pair

You can create a key pair or use an existing one for remote login authentication.


  • Key pairs can be used to remotely log in to Linux ECSs only.
  • SSH-2 key pairs created on the console support only the RSA-2048 cryptographic algorithms.
  • Key pairs can be used only for ECSs in the same region.
  • Imported key pairs support the following cryptographic algorithms:
    • RSA-1024
    • RSA-2048
    • RSA-4096
  • Store your private key in a secure place because you need to use it to prove your identity when logging in to your ECS. The private key can be downloaded once only.