View Single Post
Old 2016-07-15, 02:50   #6
GP2's Avatar
Sep 2003

5·11·47 Posts
Default Make sure that you have a key pair for ssh logins

This part will need to be done separately for each AWS region that you use (but for now let's just do one region).

In this section, you will verify (or create) the key pair (private key and public key) that you will use when logging into your instances with ssh.

Go to the EC2 console at, then click on the "Key Pairs" link in the left-hand-side menu.

Make sure you are in the AWS region you intended to be in, and change it if necessary. The region name is indicated at the top right part of the page. Make sure it is a region where EFS is available.

If there is an existing key pair that you already use when logging into instances using an ssh client program, then all is well and you can skip the rest of this section. Otherwise you will need to create a new key pair.

Click on the blue "Create Key Pair" button.

In the popup window, choose a name and fill in the "Key pair name" field. Choose the name carefully because it can't be changed later. I recommend including the name of the region in the name, for example ssh-us-west-2 or ssh-us-east-1 or ssh-eu-west-1 or whatever.

Key pair name: ____________
Fill in the ___________ with the name you chose, as described above.

Click on the "Create" button.

A file will be automatically downloaded to your computer, its name will be the key pair name you chose in the previous step plus a ".pem" ending. Your ssh client program will need this file to log into instances.

PuTTY program on Windows

( PuTTY can be downloaded at )

If you are using the popular PuTTY program on Windows, you need to convert the .pem file to a .ppk file. To do this, run the PuTTYgen program, then in the File menu, choose "Load private key". In the file selection box, change the filter at the bottom from "PuTTY Private Key Files (*.ppk)" to "All files (*.*), and then select the .pem file that was downloaded in the previous step. Click the Open button.

Next, decide if you want to type a password or passphrase each time you log into an instance, for added security. If so, fill in the "Key passphrase" and "Confirm passphrase" fields (with the same text in each one). Then, in the File menu, choose "Save private key". In the save file box, set the File name field at the bottom to the same name as the key pair name (or whatever you like, but that's the most logical choice), and the "Save as type" should be "PuTTY Private Key Files (*.ppk)". Click the Save button.

You now have a .ppk file with the same name as the .pem file that was downloaded earlier. PuTTY will need this file to log into instances.

Next section: Make sure your IAM instance role exists and it has the right permissions

Last fiddled with by GP2 on 2016-07-26 at 19:22
GP2 is offline   Reply With Quote