Howtodojo logo
  • Home 
  • About 
  • Certifications 
  • Sample Database 
  • Cheatsheet 
  • Glossary 
  • Blog 
  • Tags 
  1.   Blog
  1. Home
  2. Blog
  3. How To Create AWS EC2 Keypair

How To Create AWS EC2 Keypair

Share via
Howtodojo
Link copied to clipboard

In this tutorial we learn how to create AWS EC2 Keypair from AWS Console, using CLI, Terraform and CloudFormation.

On this page
Introduction   AWS Key Pairs Requirements   How To Generate Key Pairs   Generate Key Pairs With Length 2048 bit   Generate Key Pairs With Length 4096 bit   Create AWS Key Pairs Using AWS Console   Create AWS Key Pairs Using AWS CLI   Create AWS Key Pairs Using Terraform  
How To Create AWS EC2 Keypair

Introduction  

In this tutorial we learn how to create AWS key pairs. AWS key pairs is used to access EC2 instances in AWS.

We will learn creating AWS Key Pairs using various methods from AWS Console, CloudFormation to Terraform.

AWS Key Pairs Requirements  

Key airs in AWS have the following requirements / limitation.

  • AWS key pairs supported format :
    • OpenSSH public key format (the format in ~/.ssh/authorized_keys). If you connect using SSH while using the EC2 Instance Connect API, the SSH2 format is also supported.
    • Base64 encoded DER format
    • SSH public key file format as specified in RFC4716
    • SSH private key file format must be PEM
  • AWS key pairs only support RSA key. Amazon EC2 does not accept DSA keys.
  • The supported lengths are 1024, 2048, and 4096. If you connect using SSH while using the EC2 Instance Connect API, the supported lengths are 2048 and 4096.

How To Generate Key Pairs  

In this section we learn how to generate key pairs using ssh-keygen command.

Generate Key Pairs With Length 2048 bit  

To generate key pairs with 2048 bit length, we can use the command below.

ssh-keygen -t rsa -b 2048 -f aws-key-2048 -C howtodojo-keypair
```bash

The `-f` option above is the key pairs file name, while the `-C` option is comment on the key pairs. You can put name or email address on the `-C` option to help you identity the owner or usage of the keypair.

It will gives output similar to output below. You can provide passphrase for the key or leave the passphrase empty.

```bash
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in aws-key-2048
Your public key has been saved in aws-key-2048.pub
The key fingerprint is:
SHA256:KJgqU8OOoijBpfBLy21crQYJRe+6Z9H0saUHjOTrN9c howtodojo-keypair
The key's randomart image is:
+---[RSA 2048]----+
|   ..            |
|    ..  .        |
|   .  .o o       |
|...+ . .+ + .    |
|o.O...o+So *     |
|.Bo.ooo + + .    |
|*+.=.o +   . .   |
|*.+ +.= . o . E  |
|+  ..+   . o     |
+----[SHA256]-----+

Generate Key Pairs With Length 4096 bit  

To generate key pairs with 4096 bit length, we can use the command below.

ssh-keygen -t rsa -b 2048 -f aws-key-4096 -C howtodojo-keypair
```bash

It will gives output similar to output below. You can provide passphrase for the key or leave the passphrase empty.

```bash
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in aws-key-4096
Your public key has been saved in aws-key-4096.pub
The key fingerprint is:
SHA256:t8sKXWGPqtXg5b3iybZsp7lehUYhux3ulk1R7JXV2Qo howtodojo-keypair
The key's randomart image is:
+---[RSA 2048]----+
|          . .  .O|
|           oE. +=|
|          + o..o.|
|         . O o...|
|        S * * o  |
|       o O = =   |
|      . = + * .  |
|       + ++*..   |
|      . .*&*.    |
+----[SHA256]-----+

Create AWS Key Pairs Using AWS Console  

Create AWS Key Pairs Using AWS CLI  

To create AWS key pairs using AWS CLI we can use the command below.

aws ec2 create-key-pair --key-name <key_pair_name>
```bash

Replace `<key_pair_name>` above with the intended name of your keypair. The output of the command above will be similar to output below.

```bash
{
    "KeyMaterial": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEArKLxhP46H4ObLyN/ezUAkP/bcPH9DKdtdkB/1rN67XY44zH5\nQ9IkV2tYUmxI+Zhz4mGYkYCqwr32oVnTF0rkkgtSy2YzMVeSpe6wTjgkptrllsWb\nEMqJ4GHNX4l5S0P4PScR1IH/MDxz6fDkr+dbXUL/CVpreUhsNtlL8o51X779EmBL\nNagSkr1w8ZQx9j362XiNdlBmfPtrdaa+Oj/0eLdUuEwUOPsU9p9bRdW6X9sdQJNw\neKli5CRsLqWKB2x42MyZAkU7TjX8FL1PhxU/v4fPhSgYorsG5JfzfiypP+zMftft\n4EzJID9aqyEiHzrySORtfTfTZT2kT1i0jBZSXQIDAQABAoIBAQCqVOLji0qhyWIV\n-----END RSA PRIVATE KEY-----", 
    "KeyName": "howtodojo-keypair", 
    "KeyFingerprint": "8e:d8:f2:6b:5a:00:c3:17:d8:ad:d2:ec:78:f8:9e:23:af:46:03:67", 
    "KeyPairId": "key-0044e0cfdf44f2982"
}

```bash

The sample `KeyMaterial` in above output is already truncated. Please note the private key in `KeyMaterial` field have newline character printed (`\n`). You have to replace \n with new line character in your text editor.

Keep your private key save by storing it using password manager or another saving method.

To get the public key of a private key you can use command below.

```bash
ssh-keygen -y -f testing-howtodojo.pem

Create AWS Key Pairs Using Terraform  

To create AWS Key Pair using terraform we can use code below.

resource "aws_key_pair" "howtodojo-deployer" {
  key_name   = "howtodojo-deployer"
  public_key = "ssh-rsa <public key> howtodojo-deployer"
}

```bash

We cannot generate new AWS key pairs using Terraform and get the private key. We have to generate the key pair by ourselves. The Terraform code only import the public key to AWS

## Create AWS Key Pairs Using CloudFormation {#h-create-aws-key-pairs-using-cloudformation}

CloudFormation doesn't support AWS key pair creation. We have to use custom CloudFormation resource to generate key pairs using CloudFormation.

We will not discuss the usage of creating AWS key pair using CloudFormation custom resource in this tutorial.

## Summary {#h-summary}

In this tutorial we learn how to create AWS key pair using AWS Console and AWS CLI. We don't discuss the creation of AWS key pairs in terraform since it require us to use CloudFormation custom resource.
 How To Install IntelliJ IDEA on Ubuntu 22.04 LTS
How To Install PostgreSQL 14 on Ubuntu 20.04 
On this page:
Introduction   AWS Key Pairs Requirements   How To Generate Key Pairs   Generate Key Pairs With Length 2048 bit   Generate Key Pairs With Length 4096 bit   Create AWS Key Pairs Using AWS Console   Create AWS Key Pairs Using AWS CLI   Create AWS Key Pairs Using Terraform  
Follow me

We publish tutorials, tips and tricks about Linux, open source, cloud computing, and infrastructure

     
Copyright © 2012 - 2025 howtodojo.com. |
Howtodojo
Code copied to clipboard