Getting Started with AWS EC2 Key Pairs
Source: Dev.to
# Introduction
Hey there, cloud enthusiasts! If you’re just starting your AWS journey like I am, you’ve probably heard the term “key pairs” thrown around and wondered what all the fuss is about. Well, I’m excited to share my first hands‑on lab experience with you! In this article I’ll walk you through creating and configuring EC2 key pairs—the security credentials that let you securely connect to your virtual servers in the cloud.
By the end of this guide you’ll understand what key pairs are, why they matter, and how to set them up so you can SSH into your EC2 instances like a pro. Let’s dive in!
What Are EC2 Key Pairs, Anyway?
Before we get our hands dirty, let’s demystify key pairs. Think of a key pair like a digital lock‑and‑key system for your house:
- Public Key – This is like the lock on your front door. AWS stores it on your EC2 instance.
- Private Key – This is like your house key. You keep it safe on your computer and use it to prove you’re authorized to access the instance.
Together they form a cryptographic pair that ensures only you can access your EC2 instances. Pretty cool, right?
Step 1: Navigate to the EC2 Dashboard and Access Key Pairs
- Log into the AWS console.
- Open the EC2 Dashboard.
- In the left sidebar, under “Network & Security,” click “Key Pairs.”
The dashboard shows all your EC2 resources at a glance—instances, security groups, and more. Finding the Key Pairs section is straightforward; it’s right there in the sidebar.
Step 2: Create Your First Key Pair
- Click “Create key pair.”
- Fill out the form:
  - Name: funkeypair
  - Key pair type: RSA (the standard encryption type)
  - Private key file format: .pem (perfect for OpenSSH)
AWS automatically downloads the private key file once you click “Create key pair.” This is the only time you’ll see the file, so keep it safe.
Step 3: Download and Secure Your Private Key
After clicking “Create key pair,” your browser downloads the .pem file to your Downloads folder. This file is critical—it’s your only way to access your EC2 instances.
Best practices:
- Store it in a secure location (e.g., an encrypted folder).
- Never share it with anyone.
- Back it up offline (but keep it private!).
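One way to apply the first best practice on Windows, as an added example that is not part of the original article: this PowerShell function strips inherited permissions from the key file, leaves read access for the current user only, and then lists any other entries that remain. The function name `Protect-PrivateKeyFile` and the Downloads path are assumptions.

```powershell
# Added example: restrict a downloaded EC2 private key to the current Windows user.
# Assumption: the key pair is named "funkeypair" and the .pem is still in Downloads.
function Protect-PrivateKeyFile {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Key file not found: $Path"
    }
    $me = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

    # Drop the ACEs inherited from the parent folder.
    icacls $Path /inheritance:r | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls /inheritance:r failed ($LASTEXITCODE)" }

    # Replace any existing grant for this user with read-only access.
    icacls $Path /grant:r "${me}:(R)" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls /grant:r failed ($LASTEXITCODE)" }

    # Verify: return every remaining ACE that belongs to someone else.
    (Get-Acl -LiteralPath $Path).Access |
        Where-Object { $_.IdentityReference.Value -ne $me } |
        Select-Object IdentityReference, FileSystemRights, AccessControlType
}

$extra = Protect-PrivateKeyFile -Path "$env:USERPROFILE\Downloads\funkeypair.pem"
if ($extra) {
    Write-Warning "Other principals can still access the key file:"
    $extra | Format-Table -AutoSize
} else {
    Write-Output "Only the current user can read the key file."
}
```

Explicit (non-inherited) entries for other accounts are not removed by `/inheritance:r`; anything the function returns should be reviewed and removed by hand.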
Step 4: Download PuTTY for Windows SSH Access
Because I’m on Windows, I needed a tool to SSH into my EC2 instance. I downloaded PuTTY from putty.org, which includes:
- putty.exe – the SSH client
- puttygen.exe – the key‑generation utility
PuTTY is a free, lightweight SSH client that’s been trusted by professionals for years.
A success message appeared:
“Successfully imported foreign key (OpenSSH SSH‑2 private key (old PEM format)). To use this key with PuTTY, you need to use the ‘Save private key’ command to save it in PuTTY’s own format.”
Step 5: Convert the PEM Key to PuTTY’s .ppk Format
- Open PuTTYgen.
- Click “Load” and select the .pem file you downloaded from AWS.
- After the key loads, click “Save private key.”
- You can optionally set a passphrase for extra security.
- Choose a location and save the file with a .ppk extension (e.g., funkeypair.ppk).
The .ppk file is what you’ll use when connecting to your EC2 instances through PuTTY.
Step 6: Connect to Your EC2 Instance with PuTTY
- Open PuTTY.
- In the “Host Name (or IP address)” field, enter the public DNS or IP of your EC2 instance.
- In the left navigation pane, go to Connection → SSH → Auth.
- Click “Browse” and select the .ppk file you saved earlier.
- Return to the Session page, give the session a name under “Saved Sessions,” and click “Save.”
- Click “Open.”
If everything is set up correctly, you’ll see a terminal prompt asking for the default user (e.g., ec2-user for Amazon Linux, ubuntu for Ubuntu). After entering the user name, you’ll be logged into your instance.
Recap
- Key pairs = public key (stored on the instance) + private key (kept by you).
- Create a key pair in the EC2 console → download the .pem file.
- On Windows, convert the .pem to a .ppk using PuTTYgen.
- Use PuTTY (or any SSH client) with the .ppk to connect to your EC2 instance.
That’s it! You now have a fully functional SSH workflow for your AWS EC2 instances. Happy cloud computing!
Screenshots
The generator displayed all the key information, including:
- The public key (for reference)
- Key fingerprint (a unique identifier)
- Key comment (useful for organization)
Key Learnings from This Lab
1. Security is Paramount
Key pairs are your first line of defense. Losing your private key means losing access to your instances, so treat it like your house keys.
2. Format Matters
Different tools use different key formats. AWS uses .pem, but PuTTY prefers .ppk. Understanding these conversions is essential for Windows users.
3. One‑Way Download
AWS only shows you the private key once during creation. If you lose it, you’ll need to create a new key pair and relaunch your instances. Always download and back it up immediately.
4. Asymmetric Encryption is Powerful
The public/private key system is elegant. AWS can verify your identity without ever seeing your private key.
Challenges I Faced (And How I Overcame Them)
Challenge 1: Finding the Right File Format
Initially, I wasn’t sure why I needed to convert the .pem file. I learned that different SSH clients expect different formats.
Challenge 2: File Browser Filtering
When loading the key in PuTTY, the file browser initially showed no files because it was filtering for .ppk files only. Changing the filter to “All Files” solved this instantly.
Challenge 3: Understanding the Terminology
Terms like key pair, public key, and private key seemed confusing at first. Thinking of them as a lock‑and‑key system made everything click.
Conclusion
Creating and configuring EC2 key pairs might seem like a small step, but it’s foundational to working with AWS. This lab taught me that cloud security starts with understanding the basics, and key pairs are a basic you need to master.
The AWS Cloud Practitioner exam emphasizes security, and this hands‑on experience has given me real confidence in that area. If you’re studying for the exam or just getting started with AWS, I highly recommend doing this lab yourself—there’s no substitute for hands‑on learning.