Skip to Content
Operation GuideKey Pair

Key Pair

KeyPair is a secure and convenient login method often used for enterprise server batch management. A pair of keys (public key and private key) are generated through encryption algorithms, defaulting to RSA 4096-bit encryption.

Features and Advantages

Compared to password login, key login has the following advantages:

  • Security: SSH key pair login authentication is more secure and reliable
  • Convenience:
    • Using the private key to log in to the target instance through the SSH client, you do not need to enter a password
    • It is convenient for remote login to batch Linux instances for easy management

Usage Limitations

The following restrictions apply to using SSH key pairs:

  • Only supported for Linux instances that support CloudInit.
  • Only 4096-bit RSA key pairs can be created.
  • When creating an instance via the console and selecting key-based login, one Linux instance can bind only one key pair.
  • If a key pair is bound during instance creation, reloading the system and binding a new key pair will replace the original key pair.
  • For needs to use multiple key pairs to log in to an instance, manually modify the ~/.ssh/authorized_keys file inside the instance to add multiple key pairs.

Generation Method

  • Generated by the interface provided by UCloud Global Cloud. The default is RSA 4096-bit encryption.

Note: If your key pair is generated by the “Create Key Pair” function in the console, be sure to download and securely save the private key when the key pair is first generated. If this key pair is bound to an instance, you will be unable to log in to the instance without the private key.

  • Users can generate with SSH key pair generator. The imported key pair supports only ssh-rsa encryption.

How to Use

  • Create/Import a key pair

img

Note: After successfully creating an SSH key pair, UCloud Global will save the public key portion of the SSH key pair. In a Linux instance, the public key content is placed in the ~/.ssh/authorized_keys file. You need to download and securely store the private key. The private key uses the unencrypted PEM (Privacy-Enhanced Mail)-encoded PKCS#8 format.

  • When creating/reinstalling the system, select password login and choose the newly created key.
  • Open the SSH client side
  • Locate your private key file, such as UCloud Global-test.cer
  • If necessary, run this command to ensure your key is not visible. Example:
chmod 400 test.cer
  • Connect to your instance. Example:
ssh -i ~/Desktop/test.cer  root@113.31.112.80
Custom DataHardware Isolation Group