Guided Lab: Creating a Key Pair in Amazon EC2
Description
In Amazon EC2, a Key Pair consists of public and private keys. EC2 uses these keys to encrypt and decrypt login information. You store the private key and use it to connect to your EC2 instances securely. AWS keeps the public key, which is used to verify access. Key pairs are critical for secure SSH access to Linux-based instances or for decrypting the administrator password of Windows-based instances.
This lab will walk you through the process of manually creating a key pair using the Amazon EC2 Management Console. By the end of this lab, you will understand how to generate a new key pair, download the private key file, and use it for secure EC2 instance access.
Prerequisites
This lab assumes you have the following:
- Basic knowledge and understanding of Amazon EC2 and AWS Management Console
If you find any gaps in your knowledge, consider taking the following lab:
Objectives
By the end of this lab, you will:
- Learn how to create a key pair in the Amazon EC2 Management Console.
- Understand the importance of securing your private key.
- Use the created key pair to launch an EC2 instance as a confirmation step.
Lab Steps
Create a Key Pair
1. Navigate to the EC2 Dashboard.
2. In the EC2 left sidebar, scroll down to the Network & Security section and select Key Pairs.
3. Click on Create key pair and follow the configuration below:
   - Provide a Key pair name (e.g., MyEC2KeyPair).
   - For the Key pair type, select either RSA or ED25519:
     - RSA: A widely used public-key algorithm suitable for most scenarios.
     - ED25519: A newer and faster public-key algorithm preferred for enhanced security and performance.
   - Choose the Private key file format:
     - .pem (Privacy Enhanced Mail): This format is commonly used for SSH clients like OpenSSH, the default SSH client for most Linux and Unix-based systems, including macOS. If you plan to connect to your EC2 instance using SSH from a Linux or macOS terminal, use this format. Set proper permissions on the .pem file to restrict access (e.g., using chmod 400).
     - .ppk (PuTTY Private Key): This format is specific to PuTTY, a popular SSH client on Windows. Choose this format if you are using Windows and plan to connect using PuTTY. You will need PuTTY or PuTTYgen to use the .ppk file.
4. Click Create key pair.
5. The private key file (MyEC2KeyPair.pem or MyEC2KeyPair.ppk) will automatically download to your computer. Important: Keep this file secure and never share it with anyone.
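The permission step above, as an added shell example (not part of the original lab and not AWS tooling): it checks that a downloaded file looks like a .pem or .ppk private key, applies chmod 400, and verifies the resulting mode. The function names and the first-line markers used to recognise each format are assumptions of this example.

```shell
#!/bin/sh
# Added example: lock down a downloaded EC2 private key file.
# Usage: sh secure_key.sh ~/Downloads/MyEC2KeyPair.pem

# Classify the file by its first line (assumed markers: a PEM
# "BEGIN ... PRIVATE KEY" header, or a PuTTY "PuTTY-User-Key-File-" header).
key_format() {
    # Strip a trailing CR so files saved with Windows line endings still match.
    first_line=$(head -n 1 "$1" | tr -d '\r')
    case "$first_line" in
        "-----BEGIN "*"PRIVATE KEY-----") echo "pem" ;;
        PuTTY-User-Key-File-*)            echo "ppk" ;;
        *)                                echo "unknown" ;;
    esac
}

# Restrict the key to owner read-only and confirm the change took effect.
# Prints the detected format on success; returns non-zero on any failure.
secure_ec2_key() {
    key=$1
    # Refuse symlinks and non-regular files: chmod would follow a link
    # and change the mode of whatever it points to.
    if [ -L "$key" ] || [ ! -f "$key" ]; then
        echo "error: $key is not a regular file" >&2
        return 2
    fi
    fmt=$(key_format "$key")
    # Do not touch files that are not private keys (wrong path, typo).
    if [ "$fmt" = "unknown" ]; then
        echo "error: $key does not look like a private key" >&2
        return 3
    fi
    chmod 400 "$key" || return 4
    # Verify the mode string instead of trusting chmod's exit status alone.
    mode=$(ls -ld "$key" | cut -c1-10)
    if [ "$mode" != "-r--------" ]; then
        echo "error: mode is $mode, expected -r--------" >&2
        return 5
    fi
    echo "$fmt"
}

# Run against a path given on the command line, if any.
if [ "$#" -gt 0 ]; then
    secure_ec2_key "$1"
fi
```

OpenSSH refuses to use a private key file that other users can read, so running this check right after the download avoids a failed first connection.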
Congratulations! You have successfully created a key pair in Amazon EC2 and used it to launch an EC2 instance. This key pair can be reused for secure access to future EC2 instances. Always keep your private key file secure to prevent unauthorized access.
As a best practice, remember to delete any resources no longer in use to maintain a clutter-free AWS environment.
Thank you for joining this lab, and happy learning!