Key Pair
A Key Pair (KeyPair) is a secure and convenient login method commonly used for batch management of enterprise servers. A pair of keys (public key and private key) is generated through an encryption algorithm, and the default encryption method is RSA 4096-bit.
Feature Advantages
Compared to password login, key login has the following advantages:
- Security: SSH key pair login authentication is more secure and reliable
- Convenience:
- Use a private key to log in to the target instance through the SSH client, no need to enter a password
- Facilitates remote login to batch Linux instances, convenient for management
Usage Limitations
The use of SSH key pairs has the following limitations:
- Only supports Linux instances and instances that support CloudInit
- Only supports the creation of 4096-bit RSA key pairs
- When creating an instance via the console and choosing key pair login, a Linux instance can only bind to one key pair
- If a key pair has already been bound when creating an instance, reinstalling the system and binding a new key pair will replace the original key pair
- If you need to use multiple key pairs to log into an instance, you can manually modify the
~/.ssh/authorized_keys
file within the instance to add multiple key pairs.
Generation Method
- Generated by the interface provided by SurferCloud. By default, RSA 4096-bit encryption is used. For specific operations, refer to Create Host Key Pair.
Note: If your key pair is generated by the console's Create Key Pair function, please be sure to download and properly save the private key when generating the key pair for the first time. When this key pair is bound to a certain instance, if you do not have the private key, you will not be able to log in to the instance.
- Generated by the user using the SSH key pair generator. The imported key pair only supports ssh-rsa encryption.
How to Use
- Create/Import Key Pair
Note:
After successfully creating the SSH key pair, SurferCloud will save the public part of the SSH key pair. In Linux instances, the public key content is placed in the
~/.ssh/authorized_keys
file. You need to download and properly secure the private key. The private key uses unencrypted PEM (Privacy-Enhanced Mail) encoded PKCS#8 format.
-
Select password login when creating/reinstalling the system, and choose the key that was just created.
-
Open SSH client
-
Locate your private key file, for example, the private key file is
SurferCloud-test.cer
-
If necessary, run this command to ensure your key is not visible, example:
chmod 400 SurferCloud-test.cer
- Connect to your instance, for example:
ssh -i ~/Desktop/SurferCloud-test.cer root@113.31.112.80