Amazon Elastic Compute Cloud (EC2) is a web service that gives developers easier access to scalable cloud computing and provides secure, resizable compute capacity in the cloud. It can also be used to manage storage, configure security and host virtual servers.
The Server Key
This service uses a public key to protect and encrypt information in the cloud and on the server, such as login authentication. When you have data stored in the cloud, a public key is used to encrypt that data, and you get a private key to decrypt that data on your end. This enables users to secure their data with server keys instead of a username and password.
Name Your Key
The first step in creating a key pair is naming it. It’s essential to give the key a name you can remember, because this name is what will be associated with that particular key. The private key is your property; you can store it on your local drive or Google Docs. Whoever can access that key will also be able to access the information in the instance associated with the key. Amazon EC2 saves only the public key. Amazon EC2 supports only 2048-bit SSH-2 RSA keys and is extendable to five thousand keys in a region. An Amazon key pair is created along with the instance that is being encrypted.
There are two ways to create a key for an instance. You can create it directly in your Amazon console, or you can create it in your project console and import it. To create it in Amazon, log into the Amazon Console. In the menu bar, choose Key Pairs and navigate to Create a key pair. Here you will be prompted to enter a name for the key pair. Enter a name that corresponds with the instance you created so it is easy to remember.
You will need to specify the file format before saving. You can choose either pem, to open with OpenSSH, or ppk, to open with PuTTY. When this is done, you can save your new key pair for that instance. Keep in mind that Amazon does not save your server keys, so it’s not possible to retrieve them from Amazon if you lose them. If you misplace or forget a key to an instance that’s not an EBS-backed Linux instance, the best thing to do is delete or terminate that instance and start a new one. But if it’s Linux, then you might be able to retrieve it.
Import Your Key
To import your public key to Amazon EC2, first create an RSA key pair using a third-party platform. After this is done, you can import the key to Amazon EC2. Most programming languages, such as Python, Java, C# and C++, come with standard libraries that enable RSA key pair generation.
EC2 only accepts keys in the following formats: OpenSSH public key format (the format in ~/.ssh/authorized_keys), SSH2 format, Base64-encoded DER format, and SSH public key file format as specified in RFC4716. It does not, however, support DSA keys. Supported key lengths are 1024, 2048, and 4096 bits; the lengths 2048 and 4096 apply when connecting through the EC2 Instance Connect API.
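A pre-import check for the rules in the paragraph above, written as an added example (not code from the original page or from AWS): it parses one OpenSSH-format public key line, rejects DSA and other non-RSA types, and checks the RSA modulus length against 1024, 2048 and 4096. The function names are hypothetical, and the sample lines are constructed for the demo and are not usable keys.

```python
import base64

ALLOWED_BITS = {1024, 2048, 4096}  # lengths listed in the text above


def _read_field(blob, offset):
    """Read one length-prefixed SSH wire field; return (data, next_offset)."""
    start = offset + 4
    end = start + int.from_bytes(blob[offset:start], "big")
    if len(blob[offset:start]) < 4 or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[start:end], end


def check_public_key(line):
    """Return (ok, reason) for one OpenSSH-format public key line."""
    parts = line.split()
    if len(parts) < 2:
        return False, "not an OpenSSH public key line"
    try:
        blob = base64.b64decode(parts[1], validate=True)
        key_type, off = _read_field(blob, 0)
        if key_type != parts[0].encode():
            return False, "key type label does not match key data"
        if key_type != b"ssh-rsa":  # rejects ssh-dss (DSA) and anything else
            return False, f"unsupported key type {parts[0]}"
        _exponent, off = _read_field(blob, off)
        modulus, off = _read_field(blob, off)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        return False, f"malformed key data: {exc}"
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits not in ALLOWED_BITS:
        return False, f"unsupported RSA length {bits}"
    return True, f"ssh-rsa {bits} bits"


def make_line(key_type, *ints):
    """Build a CONSTRUCTED sample line (well-formed, but not a usable key)."""
    def field(data):
        return len(data).to_bytes(4, "big") + data
    blob = field(key_type.encode())
    for i in ints:  # SSH mpint: big-endian with a leading zero byte
        blob += field(i.to_bytes(i.bit_length() // 8 + 1, "big"))
    return f"{key_type} {base64.b64encode(blob).decode()} demo@example"


if __name__ == "__main__":
    print(check_public_key(make_line("ssh-rsa", 65537, (1 << 2047) | 1)))
    print(check_public_key(make_line("ssh-dss", 7, 5, 3, 2)))
```

Because the check reads the key type from the decoded key data as well as from the text label, a DSA key that has been relabelled as ssh-rsa is still rejected.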
Create Your Key
To create the key, go to the console of your third-party app and type in the following:
aws ec2 create-key-pair --key-name <value> [--dry-run | --no-dry-run] [--cli-input-json <value>] [--generate-cli-skeleton <value>]
This will create a 2048-bit RSA key pair with the specified name. Remember to put your desired name in the --key-name attribute.
Save Your Key
For the public key, you can choose any file extension you want and then save it to a local file. The file extension of the private key is, however, important. It is recommended that you save the private key with a .pem extension, in a file location different from the public key.
It is very important to save the private key file in a location where you won’t mistakenly delete it and where it cannot easily be accessed by third parties. You will need this key anytime you want to connect to that instance or launch it. Your private key should look something like this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
When the key pair is created, use the new console, the old console, the AWS CLI or PowerShell to import the keys to Amazon AWS. Open the Amazon EC2 console and import the keys you just created. Just as when creating a key pair, choose Key Pairs, but instead of creating a new key pair, select the option to import a key pair.
Once again, give it a name that you can easily associate with your instance. Here you can either browse through your files to select the file containing the key, or copy and paste the key contents into the Public key contents field. Also, make sure that the key pair you just imported appears in the list of key pairs. Now you have named, created, and saved your own AWS EC2 server key.