• Bare Metal Server

bms
  1. Help Center
  2. Bare Metal Server
  3. User Guide
  4. Key Pair and Password
  5. Creating a Key Pair

Creating a Key Pair

Scenarios

A key pair that consists of a public key and a private key is required for authentication when you log in to a BMS. Both the public and private keys are used for authentication. Therefore, you must use an existing key pair or create a new one for remote login authentication.

  • Creating a key pair

    If no key pair is available, create one that contains a public and private key used for login authentication. You can use either of the following methods:

    • Create a key pair using the management console. After the creation, the public key is automatically stored in the system, and the private key is manually stored in a local directory. For details, see section Creating a Key Pair Using the Management Console.
    • Create a key pair using puttygen.exe. After the creation, both the public key and private key are stored locally. For details, see section Creating a Key Pair Using puttygen.exe.
  • Using an existing key pair

    If a key pair is available locally, choose Key Pair in the navigation tree and click Import Key Pair and Select File on the right side of the page to import the key pair to the system. For details, see section Importing a Key Pair.

Restrictions and Limitations

  • BMSs support the following encryption algorithms:
    • SSH-2 (RSA, 1024)
    • SSH-2 (RSA, 2048)
    • SSH-2 (RSA, 4096)
  • The private key is one of the most important functions for protecting your BMS during SSH login. To ensure BMS security, you are limited to downloading the private key only once.

Creating a Key Pair Using the Management Console

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Under Computing, click Bare Metal Server.
  4. In the navigation tree, choose Key Pair.
  5. On the right side of the page, click Create Key Pair.
  6. Enter the key name.
  7. Click OK.
  8. In the displayed dialog box, click OK.

    You can view and save the private key according to the prompts. To ensure BMS security, you are limited to downloading the private key only once.

Creating a Key Pair Using puttygen.exe

  1. Obtain the public and private keys.

    1. Double-click puttygen.exe. The PuTTY Key Generator page is displayed.
      Figure 1 PuTTY Key Generator
    2. Click Generate.

      The key generator automatically generates a key pair that consists of a public key and a private key. The public key is shown in the red box in Figure 2.

      Figure 2 Obtaining the public and private keys

  2. Copy the public key content to a .txt file and save the file in a local directory.

    NOTE:

    Do not save the public key by clicking Save public key. Storing a public key by clicking Save public key of puttygen.exe will change the format of the public key content. Such a key cannot be imported to the management console.

  3. Save the private key file.

    The format in which to save your private key varies depending on application scenarios: To ensure BMS security, you are limited to downloading the private key only once.

    • Saving the private key in .ppk format

      When you are required to log in to a Linux BMS using PuTTY, you must use the .ppk private key. To save the private key in .ppk format, perform the following operations:

      1. On the PuTTY Key Generator page, choose File > Save private key.
      2. Save the private key, for example, kp-123.ppk, to the local PC.
    • Saving the private key in .pem format

      When you are required to log in to a Linux BMS using Xshell or attempt to obtain the password for logging in to a Windows BMS, you must use the .pem private key for authentication. To save the private key in .ppk format, perform the following operations:

      1. On the PuTTY Key Generator page, choose Conversions > Export Open SSH key.

        If you use this private file to obtain the password for logging in to a Windows BMS, when you choose Export OpenSSH key, do not configure Key passphrase. Otherwise, obtaining the password will fail.

      2. Save the private key, for example, kp-123.pem, in a local directory.

  4. Import the public key to the system. For details, see "Copying the public key content".

Importing a Key Pair

If you store a public key by clicking Save public key of puttygen.exe, the format of the public key content will change. Such a key cannot be imported to the management console. To resolve this issue, obtain the public key content in correct format and import the content to the management console. For details, see section What Should I Do If a Key Pair Created Using puttygen.exe Cannot Be Imported to the Management Console?.

  1. Log in to the management console.
  2. Under Computing, click Bare Metal Server.
  3. In the navigation tree, choose Key Pair.
  4. On the right side of the page, click Import Key Pair.
    Figure 3 Import Public Key
  5. Use either of the following methods to import the key pair:
    • Selecting a file
      1. On the Import Key Pair page, click Select File and select the locally stored public key.
        NOTE:

        When importing a key pair, ensure that the public key is imported. Otherwise, importing the key pair will fail.

      2. Click OK.

        After the public key is imported, you can change its name.

    • Copying the public key content
      1. Copy the content of the public key in .txt file into the Public Key Content text box.
      2. Click OK.