How to Add a New Key Pair to an AWS EC2 Instance for SSH?

In this article, we will discuss "How to Add a New Key Pair to an AWS EC2 Instance for SSH". After creating an AWS EC2 instance, you might want to set up separate SSH access for each user. To do that, you create new key pairs. When a user no longer needs to connect via SSH to the AWS instance, you can delete the key pair directly from the AWS EC2 Instance Console.

See my previous article for a better understanding of SSH connectivity.

How to Use SSH with AWS EC2 Instance?

Create Key Pair


Log in to your AWS Management Console, then go to the EC2 Management Console. After that, go to "Network & Security" in the navigation pane and click "Key Pairs".

Here, you can find the existing key pairs and search for any key pair by name using the search field. To create a new key pair, click the "Create key pair" button.

You are now redirected to the "Create key pair" form. Here, enter the key name, the key pair type, and the private key file format.

There are two types of Key Pairs.

  • RSA: This is the most commonly used key pair type.

  • ED25519: It has some limitations; you can use ED25519 keys with Linux and Mac instances only.


There are two types of Private key file formats.

  • ".pem": Select .pem as the private key format if you need to use a key in Linux with OpenSSH.

  • ".ppk": Select .ppk if you need to use the key in Windows with PuTTY.


We will create both ".pem" and ".ppk" for this tutorial.

Both keys are created successfully and downloaded to the system.

Let's Connect to the EC2 Instance


We have generated a new key pair in the web interface of the AWS Management Console. Now, we need to create the public key from the downloaded ".pem" file.

I'm using the "ssh-keygen" command in the Linux terminal to create a public key.
ssh-keygen -y -f path-to-key-pair-pem-file.pem

In this demo, I'm in the directory where the ".pem" file is located.
ssh-keygen -y -f cb_temp_pem.pem

If you get an error related to permissions, use the following command to set the required permissions, then run "ssh-keygen" again.
chmod 400 cb_temp_pem.pem

The public key is ready. Copy the generated key string and save it in a safe place. Now connect to the AWS EC2 instance via SSH as explained in the previous article, or connect directly from a terminal/PuTTY using the default key.

Open the configuration file where the newly generated key string has to be added. It can be found at one of the following paths, depending on your user name.

/home/ubuntu/.ssh/authorized_keys

/home/ec2-user/.ssh/authorized_keys

/root/.ssh/authorized_keys

You can edit the configuration file using the "vim authorized_keys" command in the terminal. Paste your public key from the clipboard onto the second line of this configuration file. Save the changes and close the file.

Don't close the SSH session you are currently using to connect to the EC2 instance until you have confirmed that the second key you added works. Otherwise, you can lose your SSH connection if the configuration is incorrect. This affects your ability to connect to AWS instances via SSH, so perform this step carefully. Open another terminal on your local Linux machine and try to connect to the instance using the new ".pem" file.

Great! It's working fine; the AWS SSH connection has been established successfully. Our newly created ".pem" file works, and you can send this key (cb_temp_pem.pem) to a user who needs to establish the AWS SSH connection.

Disable SSH Access


When you need to disable SSH access for any of the users, follow the steps below:

Delete the user's SSH public key from ".ssh/authorized_keys" on your remote Linux instance running in AWS EC2. Be careful: any mistake in this step will create more complexity. For example, our configuration file contains two SSH keys. The first key was generated when you created the EC2 instance, and the second is the key you created earlier for another user to connect to AWS EC2. After deleting the key, you can close the SSH terminal windows.

If you delete a key pair in "Network & Security -> Key pairs" from the EC2 Management Console, the keys inside the particular EC2 instance are not deleted. So I recommend deleting both the key pair and the SSH public key.
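
The two manual edits of "authorized_keys" described above (pasting a new public key, and later deleting one user's key) can be scripted so that a slip does not lock you out. This is an added example, not code from the original article; the function names key_blob, add_key and remove_key are hypothetical, and the file path and key strings are whatever you pass in.

```shell
#!/bin/sh
# Added example, not the article's code. Function names are hypothetical;
# the authorized_keys path and the key strings are supplied by the caller.

# Print the base64 blob of a public-key line (the field after the key type).
# Assumes no quoted option value contains a token starting with a key-type prefix.
key_blob() {
    printf '%s\n' "$1" | awk '{ for (i = 1; i < NF; i++)
        if ($i ~ /^(ssh-|ecdsa-|sk-)/) { print $(i + 1); exit } }'
}

# add_key FILE "PUBKEY": append the key once, with restrictive 700/600 modes.
add_key() (
    file=$1; key=$2; blob=$(key_blob "$key")
    nl='
'
    # Reject multi-line input and anything without a plausible base64 blob.
    case $key in *"$nl"*) echo "refusing multi-line key" >&2; return 2 ;; esac
    printf '%s' "$blob" | grep -Eq '^[A-Za-z0-9+/]+=*$' ||
        { echo "not a public key" >&2; return 2; }
    mkdir -p -m 700 "$(dirname "$file")"
    touch "$file" && chmod 600 "$file"
    # Idempotent: leave the file alone if this key is already authorized.
    if grep -qF -- "$blob" "$file"; then return 0; fi
    cp -p "$file" "$file.bak"
    # Terminate an unfinished last line so the new key starts on its own line.
    [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ] && echo >> "$file"
    printf '%s\n' "$key" >> "$file"
)

# remove_key FILE "PUBKEY": drop every line carrying this key, keep the rest.
remove_key() (
    file=$1; blob=$(key_blob "$2")
    [ -n "$blob" ] || { echo "not a public key" >&2; return 2; }
    tmp=$(mktemp "$file.XXXXXX") || return 1
    awk -v b="$blob" '{ for (i = 1; i <= NF; i++) if ($i == b) next; print }' \
        "$file" > "$tmp"
    # Lockout guard: refuse if no usable key would remain afterwards.
    remaining=$(grep -Ecv '^[[:space:]]*(#|$)' "$tmp" || true)
    if [ "$remaining" -eq 0 ]; then
        rm -f "$tmp"; echo "refusing to remove the last key" >&2; return 3
    fi
    cp -p "$file" "$file.bak"
    chmod 600 "$tmp" && mv "$tmp" "$file"
)
```

Both functions leave the previous file as "authorized_keys.bak", so a bad edit can be rolled back from the session you kept open.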

Conclusion


In this article, we discussed "How to Add a New Key Pair to an AWS EC2 Instance for SSH?". I hope you liked this article and learned how to create new key pairs for SSH. Please feel free to add comments if you have any queries or feedback.

Keep learning & stay safe :)



