AWS News Blog

New Amazon EC2 Feature: Bring Your Own Keypair

You can now import your own RSA keypair (or the public half, to be precise) for use with your Amazon EC2 instances.

Why would you want to do this? Here are a couple of reasons:

  1. Trust – By importing your own keypair you can ensure that you have complete control over your keys.
  2. Security – You can be confident that your private key has never been transmitted over the wire.
  3. Management of Multiple Regions – You can use the same public key across multiple AWS Regions.

You can upload RSA keys (which can be 1024, 2048, or 4096 bits long) in a variety of formats including OpenSSH public key format, Base64 encoded DER format, or the SSH public key file format specified in RFC 4716. The ssh-keygen tool (part of the standard OpenSSH installation) is a handy way to create keys.
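A pre-upload check for the point above, as an added example (not AWS code): it confirms that a file holds only the public half, that the key type is RSA, and that the modulus is one of the sizes listed in this post. The function names are hypothetical; the check covers the OpenSSH one-line and RFC 4716 formats only, not Base64 encoded DER; the sample key is constructed and is not a usable key.

```python
import base64

def _read_field(blob, offset):
    """Read one length-prefixed field from an SSH public key blob."""
    length = int.from_bytes(blob[offset:offset + 4], "big")
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def _extract_base64(text):
    """Return the base64 body of OpenSSH one-line or RFC 4716 key text."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if lines and lines[0] == "---- BEGIN SSH2 PUBLIC KEY ----":
        body, in_header = [], False
        for ln in lines[1:]:
            if ln == "---- END SSH2 PUBLIC KEY ----":
                return "".join(body)
            if in_header or ":" in ln:  # header line; a trailing '\' continues it
                in_header = ln.endswith("\\")
                continue
            body.append(ln)
        raise ValueError("missing RFC 4716 end marker")
    fields = text.split()
    if len(fields) >= 2 and fields[0] == "ssh-rsa":
        return fields[1]
    raise ValueError("not an OpenSSH or RFC 4716 RSA public key")

def rsa_public_key_bits(text):
    """Check public key text before upload; return the RSA modulus size in bits."""
    if "PRIVATE KEY" in text:
        raise ValueError("private key material; import only the public half")
    blob = base64.b64decode(_extract_base64(text), validate=True)
    key_type, pos = _read_field(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type is not ssh-rsa")
    _exponent, pos = _read_field(blob, pos)
    modulus, pos = _read_field(blob, pos)
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits not in (1024, 2048, 4096):  # sizes listed in the post
        raise ValueError(f"{bits}-bit RSA key is not one of the listed sizes")
    return bits

def constructed_sample(bits=2048):
    """Constructed input: well-formed ssh-rsa line with a dummy modulus, not a real key."""
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    parts = [b"ssh-rsa", (65537).to_bytes(3, "big"), n]
    blob = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"
```

Run `rsa_public_key_bits` on the contents of the `.pub` file that ssh-keygen writes; a `ValueError` means the file should not be uploaded as it stands.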

Read more about the import key feature in the newest version of the EC2 User Guide.

Update: Paul Maunder documented the process of uploading the same keypair to multiple EC2 regions. Thanks, Paul!

— Jeff;

Jeff Barr


Jeff Barr is Chief Evangelist for AWS. He started this blog in 2004 and has been writing posts just about non-stop ever since.