
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
The aws ec2 create-key-pair command can be used to create a key pair that can then be used to make an SSH connection onto your EC2 instances.
~]$ aws ec2 create-key-pair --key-name my-key
{
"KeyFingerprint": "b6:eb:8a:a0:5e:4e:a6:0b:66:3c:3d:93:6d:42:63:d7:f5:32:23:71",
"KeyMaterial": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEA4ASycG6bvaPyUdDBiOgJ+EW/LWNtO0P7hQiCm8nOh7GAxL40\nMD4nkBejZ0CgoGXRcUOxF0CzBssrVv5d9tSlgVP16Oc3EbfVKWIWnChN5asDy8EP\n7t3Pe1/6dLA4B5iRbVcQV3FZ9NypujS/PUdgKpuhCWt36uq4ncAWlrbqjJuHOJrc\nDPu6d5yuF0eu8n975+3zbf4enCcm7ZaY6WQaenv5RIqQAYsNtYRMHqLGKFJAvddZ\nTuuONgDy/GCrLjE8VkdTMIzjYskd18okRjzNyUNJUjWKZvzFFV9D07QdgzvlZnyZ\nlHOceNjLZTP1QfrKSej9hGgt1YRKq61eBRHNVwIDAQABAoIBAA0nOXLwi6Ru4+N5\n5mMrfKpfLgJ0PA2myDXfcgvDpaTB/1WN9XJ/s8L6IFYHrWa9k7aayuMaoWhctYa+\nGLZNdgpJ675pFQqtSI7Ne5Zfp3M8v1RPWagkzfHoiMQhNKj9hExvOD5qIWYHLtAI\nGNJ4RmU6DhKHhNr+PSjGBo2C3/KxcvBkJth+xjDXIQWWwPi5Cbn4u//eD43KqwGh\nhgiWK+tydF2KnUfIYGx56ujVn5/tecY9+gmVRnRID69iYH1GdsNtcklazu/q7u+w\nlyjNKFaMF5lK7IPWkFU86zi16WJwCjAtQaWiDvSSTUUt4UIBB2vJdwkyVzPjMMTV\n0tkVSYECgYEA+qCspmzX0zTVreU9nY4YA1d6/YZ0cjEXJr0QrHHO3WGEfFVLYhn1\nci+74F8G9n08kYa1yPOzT2UIY4U09dfdwjopK3aajpQKv8BjEKhVS290oqUQd6Mz\nvgov/zN6Pt/oBcVmmFpnNNX3XuppUWSOMBujHsk9NYCDCVbizAxSV2kCgYEA5NIA\n41qTwgfg9LRzAw6VFE5KHT+//7ielXVpNLWSz1oBnN5IklXpJyy+4bgfPXgvHjP0\nTmPH8YpIqZTWj5KJfsYmSmaUo+18+uxS7bx8dMx5FhXTQa7S3L66JeohP3rIp7sz\nsCLqkcXselodxWceRTyVhBNs8Hdwtms9BQFBJr8CgYEAuKb6rR9SICU0LYvRSqyv\nGn8weWu/jYaHlR4FE9hB3i+D6gr5oEyZ3sg2dsfsnFyG7H1An86VVLCObqxs6Zhi\npUAupvwaQWPnS4GWO2aaeRqj51UP/eU7MQ/WbwLhVUOoceAPh75Lfc0LFV5FvBcG\n/4DNPNhthWaqpI3kSQvm+skCgYEAif5HwNSoFTSxKoIEdkx+BV/tfFQs0ugg4xuK\nldoGrnumS1cWRwH+eLyYZQGn/WcUa0+Dvx6XvwfZKEP1XWJO/yA6iVXxwCaB38VT\ngcHRAJMrVvFUlOD8k1mGY0UeRe0jQ1w3ILr94WmOYn8kQx8b9z9BIASjByXQ2II1\nq2YFR3sCgYEA0euiepqA8HXCaaZ2HD8cKXK5cNZKBwa/UlEmB7O54g8rkGaQYq2A\namBZWIMi7EiffDSQWPKpnY3+0m46j4wAmGZXz7OTcLAIYDOqvXSVQv22GYpBNu6e\nSNUGOJ7r54g0d9KL/OAGX6thc4nLbhW9EUfhmy8MnLrz7vhOHj6oGbI=\n-----END RSA PRIVATE KEY-----",
"KeyName": "my-key",
"KeyPairId": "key-04582539453c591c1"
}
Be aware this is your one and only chance to capture the private key. Create a PEM file such as my.pem and store the content of the KeyMaterial output in my.pem. Replace \n with actual new lines / carriage returns so that my.pem looks something like this.
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAl/qBJwMtUFnLns9cGCjnC1EKuWwwK+ItcLF7WoDOISxfmE/l
1TSBEos16nyqv6qMQOfNu/1sGJ8IHCWeqMuWJO4nY3RebOJ2jinw2aiLtMkzQjRQ
KGVs62h1VzLx2n8IVLXOSnEmTRRRpNIH5vWx2EEBtchtCXGiUcJIRt8Q1UVsfTbp
H7GvAVDqGMfnXqizqbGtfmDZTtAmq4JYReUUej1NnE8O8hLFNXqcrioo27puF8Ti
gPoTpp9p8ncidktd3NWck9jJGvEoaA3oxsKMgZGlPviMkhTv70Ovh7ShPpZ38ETB
7SkOcn6W4hbDHFqSihmrf0S7JaSN/RYKY2wVMQIDAQABAoIBADFOVkRf5X2iBEub
npc//eVP/5i0ntQ95twe2JQ+IaHlkYYKtdf71rw7adyPYZ4ZKLOOANMynrVGMw1e
-----END RSA PRIVATE KEY-----
Then PuttyGen can be used to create a PPK file from the PEM file. For example, this command on a Linux system could be used.
puttygen my.pem -O private -o my.ppk
The aws ec2 describe-key-pairs command can then be used to list the EC2 key pairs that have been created.
~]$ aws ec2 describe-key-pairs
{
"KeyPairs": [
{
"KeyPairId": "key-0551234a925abcd7a",
"KeyFingerprint": "86:0e:bb:db:6b:78:7c:67:0e:b1:91:38:0a:ce:95:71:4d:2b:72:2e",
"KeyName": "default",
"KeyType": "rsa",
"Tags": []
},
{
"KeyPairId": "key-04582539453c591c1",
"KeyFingerprint": "b6:eb:8a:a0:5e:4e:a6:0b:66:3c:3d:93:6d:42:63:d7:f5:32:23:71",
"KeyName": "my-key",
"KeyType": "rsa",
"Tags": []
}
]
}
Did you find this article helpful?
If so, consider buying me a coffee over at