When working with Amazon Web Services (AWS) EC2 instances, you must add a key pair to authenticate your access to the instance. A key pair consists of a public key and a private key.
You use the public key to encrypt the data and the private key to decrypt it. This article will discuss adding a key pair to an EC2 instance.

Contents
- 1 Launch an EC2 Instance
- 2 Create a Key Pair
- 3 Import Public Keys
- 4 Replace a Lost Key Pair
- 5 Apply Key Pair to Running Instance
- 6 Change Key Pair for Running Instance
- 7 Reset Admin Password
- 8 Linux Instances
- 9 AWS EC2 Support
- 10 AWS CLI
- 11 Multiple Users
- 12 Specific Key Pair
- 13 Elastic Beanstalk
- 14 Extract Public Key
Launch an EC2 Instance
To add a key pair to an EC2 instance, launch an instance first. You can do this using the EC2 console, AWS CLI, or Elastic Beanstalk. Once you have launched the instance, you can add a key pair.
Create a Key Pair
To create a key pair, click the Network & Security tab in the EC2 console and click the Key Pairs option. You can create a new key pair by clicking the Create Key Pair button.
Give the key pair a name and click on the Create button. This will create a new key pair consisting of public and private keys.
Import Public Keys
If you already have a public key that you want to use, you can import it into AWS. To do this, go to the Key Pairs page and click on the Import Key Pair button.
Enter a name for the key pair and paste the public key into the Public Key field. Click on the Import button to create the key pair.
Replace a Lost Key Pair
If you have lost a key pair, you can replace it with a new one. To do this, go to the Key Pairs page and select the lost key pair.
Click on the Actions menu and select Replace Key Pair. Follow the instructions to create a new key pair.
Apply Key Pair to Running Instance
To apply a key pair to a running instance, first SSH into the instance.
Use the following command to connect to the instance: ssh -i <keypairname>.pem ec2-user@<public-DNS>
Replace <keypairname> with the name of your key pair and <public-DNS> with the public DNS of your instance.
Once you have connected to the instance, you can apply the key pair by using the following command: sudo ssh-keygen -y -f /path/to/private/key > /path/to/public/key.pub
Replace /path/to/private/key with the path to your private key and /path/to/public/key.pub with the path where you want to save your public key.
Change Key Pair for Running Instance
To change the key pair for a running instance, you must create a new one first. Once you have created the new key pair, apply it to the instance using the above-mentioned steps. If you want to remove the old key pair, you can do so by following these steps:
- Go to the Key Pairs page in the EC2 console.
- Select the old key pair.
- Click on the Actions menu and select Delete Key Pair.
Reset Admin Password
If you have lost the admin password for your instance, you can reset it using a key pair. To do this, follow these steps:
- Stop the instance.
- Detach the root volume from the instance.
- Attach the root volume to another instance as a secondary volume.
- Connect to the other instance using SSH and mount the secondary volume.
- Edit the /etc/shadow file and remove the password hash for the ec2-user.
- Save the file and unmount the volume.
- Attach the volume back to the original instance and start it.
Linux Instances
When working with Linux instances, you must use a PEM file to authenticate your access to the instance.
The PEM file is the key file that contains the private key. To connect to a Linux instance, you need to use the following command: ssh -i /path/to/keypair.pem ec2-user@<public-DNS>
Replace /path/to/keypair.pem with the path to your PEM file and <public-DNS> with the public DNS of your instance.
AWS EC2 Support
If you have any questions or issues related to EC2 instances, you can contact AWS EC2 Support for assistance. The support team is available 24/7 and can help you with any issues.
AWS CLI
If you prefer to use the command line to manage your EC2 instances, you can use the AWS CLI. The AWS CLI is a command line tool that provides a unified interface to manage your AWS services. You can use the AWS CLI to launch and manage EC2 instances, create and manage key pairs, and more.
Multiple Users
You can create a key pair for each user if you need to provide access to multiple users. Each user will have their own public and private key. When users connect to an instance, they use their private key to authenticate their access.
Specific Key Pair
If you want to use a specific key pair for an instance, you can specify the key pair when you launch the instance. To do this, select the key pair from the Key Pair dropdown list when launching the instance.
Elastic Beanstalk
If you use Elastic Beanstalk to manage your applications, you can add a key pair to your EC2 instances from the Elastic Beanstalk console. To do this, go to the Configuration page for your application and select the Instances tab.
From here, you can add a key pair by selecting the Key Pair option and specifying the name of the key pair.
Extract Public Key
If you need to extract the public key from a private SSH EC2 key pair, you can use the following command: ssh-keygen -y -f /path/to/private/key > /path/to/public/key.pub
Replace /path/to/private/key with the path to your private key and /path/to/public/key.pub with the path where you want to save your public key.
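The ssh-keygen command in the Apply Key Pair to Running Instance and Extract Public Key sections only writes a public key file; on a Linux instance the key grants access once it is listed in the target user's ~/.ssh/authorized_keys. The script below is an added example, not part of the original article: install_pubkey and demo_install are hypothetical helper names, and the key blob is constructed sample data.

```shell
#!/bin/sh
# Added example (not from the original article). install_pubkey is a
# hypothetical helper; the key below is constructed sample data, not a real key.
# The .pub file comes from: ssh-keygen -y -f /path/to/private/key > key.pub

# install_pubkey <pubkey-file> <home-dir>
# Runs in a subshell so the umask change does not leak into the caller.
install_pubkey() (
    pub_file=$1
    ssh_dir=$2/.ssh
    auth=$ssh_dir/authorized_keys

    # Never copy private key material onto the instance.
    if grep -q 'PRIVATE KEY' "$pub_file"; then
        echo "refusing: $pub_file holds a private key" >&2
        exit 2
    fi
    # Expect "<type> <base64> [comment]" on the first matching line.
    key=$(grep -E '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' "$pub_file" | head -n 1)
    if [ -z "$key" ]; then
        echo "refusing: no OpenSSH public key in $pub_file" >&2
        exit 3
    fi

    # sshd (StrictModes) rejects group/world-writable key files; keep them private.
    umask 077
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || exit 1
    touch "$auth" && chmod 600 "$auth" || exit 1

    # Compare on "<type> <base64>" so a changed comment is not a new key.
    key_id=$(printf '%s\n' "$key" | cut -d' ' -f1,2)
    if grep -qF -- "$key_id" "$auth"; then
        exit 0
    fi
    printf '%s\n' "$key" >> "$auth"
)

# Demo against a scratch directory: the same key offered twice (with a
# different comment) must leave exactly one authorized_keys entry.
demo_install() {
    d=$(mktemp -d)
    blob=AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLXNhbXBsZS1rZXktbm90LXJlYWwh
    echo "ssh-ed25519 $blob alice@laptop" > "$d/a.pub"
    echo "ssh-ed25519 $blob alice@desktop" > "$d/b.pub"
    install_pubkey "$d/a.pub" "$d/home" && install_pubkey "$d/b.pub" "$d/home"
    wc -l < "$d/home/.ssh/authorized_keys" | tr -d ' '
    rm -rf "$d"
}
```

On the instance, the call would be of the form install_pubkey /path/to/public/key.pub /home/ec2-user; giving each user their own key, as in the Multiple Users section, means one such entry per user.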
Conclusion
Adding a key pair to an EC2 instance is essential to securing your instance. This article discussed adding a key pair to an EC2 instance using the EC2 console, AWS CLI, or Elastic Beanstalk.
We also covered how to create a key pair, import public keys, replace a lost key pair, and apply a key pair to a running instance.
Following these steps ensures that your EC2 instances are secure and accessible only to authorized users.