In this article, we take a look at how to create an Amazon AWS Key Pair that will be used to secure SSH access to a Linux EC2 instance.
This tutorial will cover creating the AWS Key Pair, at which stage you can then use it for any newly created Linux EC2 instances. If you are new to Amazon AWS and would like to learn how to create an EC2 Linux instance, you can follow my step-by-step video tutorial by clicking here.
Creating AWS Key Pair
Firstly, log in to the AWS console and click on Services, then EC2. Once you are in the EC2 service, expand Network & Security on the left-hand side and click on Key Pairs.
As you can see in the screenshot below, I don’t have any Key Pairs.
Click on the orange button at the top right labeled ‘Create key pair’.
Enter a name for your key pair. There are 2 file formats for a key pair:
- PEM – can be used for Windows and for decrypting the Windows password that AWS creates on first boot up
- PPK – is what we are going to use with Putty to establish a secure SSH session to our Linux EC2 instance
Under ‘file format’, make sure ppk is selected.
Click the orange ‘Create key pair’ button at the bottom right. You will be asked to save the ppk file to your PC or laptop. Above all, make sure this file is stored securely and backed up, as you cannot re-download it.
The new AWS Key Pair is available for selection when we go through the EC2 instance creation wizard and click Launch at step 7. Use the drop-down menu to select ‘Choose an existing key pair’ and select the Key Pair you just created.
Saving The Private Key File
Secondly, we need to download a tool called Putty Key Generator. We are going to load our ppk file into this tool and save the private key. You are going to see how this works with Putty in just a few steps.
Once you’ve downloaded Putty Key Generator, open up the program and click on the Load button.
Let’s browse to where we downloaded the AWS Key Pair file. Select the ppk file and click on Open.
As a result, the Key Pair information is loaded into the Putty Key Generator. The last thing left to do before we save the private key is to type in and confirm a Key passphrase. The Key Passphrase will be used to decrypt the private key later on within Putty.
I now need to save the private key. Click on ‘Save private key’. I gave my private key file the name of sysadmintutorials-priv.ppk.
Putty Key Pair Setup
Next, let’s head over to Putty. I’m going to show you how to set up a new connection to your AWS EC2 Linux instance.
Within Putty, enter your EC2 Linux instance IP address or DNS name in the field highlighted in yellow below. For the connection type, make sure SSH is selected.
On the left-hand side menu, expand SSH under the Connection branch and select Auth. On the right-hand side, click the browse button and browse to where you saved your private key. In my case, I select the sysadmintutorials-priv.ppk file.
You can browse back to Session on the left-hand side and save the session.
Before testing the connection, make sure your AWS security group allows your IP to SSH into your Linux instance.
Finally, within Putty click on Open. Enter the username ec2-user and the ‘Key Passphrase’ you created when saving the private key with Putty Key Generator.
Putty decrypts the private key with the Key Passphrase, the private key is authenticated against the public key (which is held on the AWS EC2 side), and you gain SSH access to your Linux instance.