Managing secure access to your Amazon EC2 instances is critical, and one of the foundational steps is setting up an SSH key pair. AWS allows you to create and use your custom EC2 key pairs, providing flexibility for advanced security management. This guide outlines the steps to import a custom key pair into AWS.
Prerequisites
Before you begin, ensure you have the following:
- Custom SSH Key Pair: Generate an SSH key pair using your preferred method or tool, such as OpenSSL, ssh-keygen, or a third-party tool.
  - The private key will remain on your local machine for authentication.
  - The public key will be imported into AWS.
- AWS CLI or AWS Management Console: This guide covers both methods for importing the key pair.
- IAM Permissions: Ensure your AWS user or role has the necessary permissions:
  - ec2:ImportKeyPair
  - ec2:DescribeKeyPairs
Step 1: Generate a Custom Key Pair (if not already created)
Using ssh-keygen
On a Linux, macOS, or Windows machine (with WSL or Git Bash):
ssh-keygen -t rsa -b 2048 -m PEM -C "your-email@example.com" -f my-custom-key
- -t rsa: Specifies the RSA algorithm.
- -b 2048: Sets the key size to 2048 bits.
- -m PEM: Writes the private key in PEM format.
- -f my-custom-key: Saves the key with the name my-custom-key.
- -C "your-email@example.com": Adds a comment to identify the key.
This command generates two files:
- my-custom-key: The private key (keep it secure).
- my-custom-key.pub: The public key for importing into AWS.
Step 2: Import the Key Pair in AWS
Using AWS Management Console:
- Log in to AWS Management Console: Navigate to the EC2 Dashboard.
- Access Key Pairs:
  - On the left-hand menu, under Network & Security, click Key Pairs.
- Import Key Pair:
  - Click Import key pair.
  - Provide a name for the key pair (e.g., my-custom-key).
  - Copy the contents of the public key file (my-custom-key.pub) into the Public key contents field.
  - Click Import key pair.
Using AWS CLI:
- Install and Configure AWS CLI: If not already installed, download and configure the AWS CLI following the installation guide.
- Run the Import Command: Use the following command to import your custom key pair:
aws ec2 import-key-pair \
--key-name "my-custom-key" \
--public-key-material fileb://my-custom-key.pub
  - --key-name: Specifies the name of the key pair in AWS.
  - --public-key-material: Uploads the public key file.
- Verify the Key Pair: To confirm the key pair was imported successfully:
aws ec2 describe-key-pairs --key-names "my-custom-key"
Your custom key pair is now available for use with EC2 instances.
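To confirm that the key AWS stored is the one generated in Step 1, compare the fingerprint from describe-key-pairs with one computed locally; for an imported RSA key, AWS reports the MD5 digest of the DER-encoded public key. The following is an added example, not part of the original guide or any AWS tool, that derives that value from the contents of my-custom-key.pub. The function names and the sample key are constructed for illustration, and it assumes an RSA key.

```python
import base64, hashlib, struct, sys

# DER AlgorithmIdentifier: SEQUENCE { OID rsaEncryption, NULL }
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")
# Constructed toy key (n=3233, e=17), only to exercise the encoding.
SAMPLE_PUB = "ssh-rsa AAAAB3NzaC1yc2EAAAABEQAAAAIMoQ== constructed@example"

def _der(tag, body):
    """Encode one DER tag-length-value element."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def _der_int(value):
    # bit_length // 8 + 1 bytes keeps the sign bit clear without extra padding
    return _der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def parse_ssh_rsa(pub_line):
    """Return (e, n) from an OpenSSH 'ssh-rsa <base64> [comment]' line."""
    fields = pub_line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key")
    blob, parts = base64.b64decode(fields[1]), []
    while blob:
        if len(blob) < 4:
            raise ValueError("truncated key blob")
        (size,) = struct.unpack(">I", blob[:4])
        parts.append(blob[4:4 + size])
        blob = blob[4 + size:]
    if len(parts) != 3 or parts[0] != b"ssh-rsa":
        raise ValueError("malformed ssh-rsa blob")
    return int.from_bytes(parts[1], "big"), int.from_bytes(parts[2], "big")

def spki_der(e, n):
    """SubjectPublicKeyInfo, as `openssl rsa -pubout -outform DER` emits."""
    rsa_key = _der(0x30, _der_int(n) + _der_int(e))
    return _der(0x30, RSA_ALG_ID + _der(0x03, b"\x00" + rsa_key))

def aws_import_fingerprint(pub_line):
    """MD5 of the DER public key, as colon-separated hex pairs."""
    digest = hashlib.md5(spki_der(*parse_ssh_rsa(pub_line))).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

if __name__ == "__main__":
    line = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PUB
    print(aws_import_fingerprint(line))
```

Run it with my-custom-key.pub as the argument and compare the output with the KeyFingerprint field that describe-key-pairs returns; a mismatch means the stored key is not the one you generated.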
Key Considerations
- Keep Private Keys Secure: Store private keys in a secure location and never share them.
- Key Pair Limits: AWS accounts have a soft limit on the number of key pairs per region (default: 5,000). Contact AWS Support if you need more.
- Backup: Regularly back up private keys in a secure location to avoid losing access to your EC2 instances.
Conclusion
Importing a custom EC2 key pair into AWS provides flexibility and control over SSH access to your instances. By following the steps outlined in this guide, you can ensure secure, seamless access while maintaining compliance with your organization's security policies.
For more details, refer to the official AWS Key Pair Documentation.