Security can be easily overlooked when building a product, especially when working with an outsourced engineering team. You want to trust them, so you give them access to your servers. But then you discover fraudulent activity, and, well, you start to panic.
In hindsight, you realize you should never have shared your Secure Shell (SSH) key and should instead have stored it in a vault with restricted user access. If, however, someone has a private SSH key to your Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance and you’re worried about a malicious attack, you have two options to revoke their access:
If you created the key pair with a third-party tool and uploaded the public key to AWS, or if you generated a new public key from an existing AWS-created private key and uploaded it to AWS, the fingerprint is calculated using an MD5 hash function.
In case you travel and can’t carry your laptop with you, just keep your private key on a USB stick and attach it to your physical keychain. Your server will be much safer this way.
Generate Public/Private SSH Key Pair
Open Command Prompt from the Start Menu and type.
Here’s a summary of how to replace the keys mentioned in option No. 2 above:
(For more, DigitalOcean has a great tutorial on setting up SSH keys.)
Make sure to update the key if you’re using it elsewhere, like on a continuous integration (CI) server. Otherwise you’ll be scratching your head when none of your builds are working.
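When deciding which key pair to replace, it helps to confirm that the fingerprint listed for a key pair in the EC2 console belongs to the public key you hold. The following is an added example, not code from the original article: it reproduces the MD5 fingerprint described above for an imported RSA key by hashing the DER-encoded public key, and it assumes an `ssh-rsa` public key line as input. The function names and the toy key are constructed for illustration.

```python
import base64, hashlib, struct

RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")  # rsaEncryption OID + NULL

def read_fields(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    fields, pos = [], 0
    while pos < len(blob):
        if pos + 4 > len(blob):
            raise ValueError("truncated key blob")
        (n,) = struct.unpack(">I", blob[pos:pos + 4])
        if pos + 4 + n > len(blob):
            raise ValueError("truncated key blob")
        fields.append(blob[pos + 4:pos + 4 + n])
        pos += 4 + n
    return fields

def der(tag, body):
    """Encode one DER element: tag, definite length, contents."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def der_int(mpint):
    """SSH mpint -> minimal non-negative DER INTEGER."""
    value = int.from_bytes(mpint, "big")
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def rsa_spki_der(pubkey_line):
    """DER SubjectPublicKeyInfo for an 'ssh-rsa AAAA... comment' line."""
    parts = pubkey_line.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("only ssh-rsa keys are handled in this example")
    fields = read_fields(base64.b64decode(parts[1]))
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("malformed ssh-rsa blob")
    e, n = fields[1], fields[2]
    rsa_key = der(0x30, der_int(n) + der_int(e))
    return der(0x30, RSA_ALG_ID + der(0x03, b"\x00" + rsa_key))

def aws_imported_fingerprint(pubkey_line):
    """Colon-separated MD5 of the DER public key."""
    digest = hashlib.md5(rsa_spki_der(pubkey_line)).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

if __name__ == "__main__":
    # Constructed toy key (e=3, n=0xC5), not a usable RSA key.
    blob = b"".join(struct.pack(">I", len(f)) + f for f in (b"ssh-rsa", b"\x03", b"\x00\xc5"))
    print(aws_imported_fingerprint("ssh-rsa " + base64.b64encode(blob).decode() + " demo"))
```

Pass the contents of a `.pub` file (or one line of `authorized_keys`) to `aws_imported_fingerprint` and compare the result with the fingerprint shown for the key pair in the console.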
Amazon EC2 uses public-key cryptography to encrypt and decrypt login information. In public-key cryptography, the password is encrypted using the public key. The public key is stored on the Amazon EC2 instance, and you need the private key to decrypt it and access the EC2 instance. Together, the public and private keys are known as a key pair.
Creating a key pair using the Amazon EC2 console
In order to access the Amazon EC2 console, you must activate your AWS account.
Activate your AWS account
Access the EC2 console
After activating your account, log in and navigate to the Amazon EC2 console.
In the top right corner you can select the region of your choice. At the time of this writing, Amazon supports 14 regions in total. In general, select the AWS region nearest to your geographical location to keep network latency as low as possible. For this example, I chose EU (Frankfurt).
The key pair that you create is specific to that region. If you change the AWS region, you have to create another key pair for that new region.
Create key pair
Connect to EC2 instance from Windows using PuTTY
You have now created the key pair and have the private key file. You can launch an EC2 instance by choosing the name of the key pair you created. To connect to the instance using PuTTY from Windows, however, you need to convert the private key from the .pem format to the .ppk format that PuTTY requires.
Convert your private key
What next?
You now have the private key file in the correct format to connect to your EC2 instances using the PuTTY client. Go ahead and start launching your EC2 instances. This ends our post on creating the Amazon EC2 key pair.
If you have any questions, please post them in the comments section. Thank you!