Alibaba Cloud DevOps Cookbook Part 2 — SSH and ECS Key Pairs

Part 1. Replacing an ECS Instance Key Pair

[ecs.AttachKeyPair]: current operation can uses parameters as follow :--AccessKeyId                                   | --AccessKeySecret
--InstanceIds | --KeyPairName
--OwnerId | --RegionId
--ResourceOwnerAccount | --ResourceOwnerId
--output | --profile
--version
{
"FailCount": 0,
"TotalCount": 1,
"RequestId": "11CC0000-D577-4462-B410-ABCDEFCF2129",
"Results": {
"Result": [
{
"InstanceId": "i-abcdeftvgllm854abcde",
"Message": "successful",
"Code": "200",
"Success": true
}
]
}
}

Part 2. Creating an ECS Instance Key Pair

[ecs.CreateKeyPair]: current operation can uses parameters as follow :--AccessKeyId                                   | --AccessKeySecret
--KeyPairName | --OwnerId
--RegionId | --ResourceOwnerAccount
--ResourceOwnerId | --output
--profile | --version
{
"KeyPairFingerPrint": "7d6849d03953aa5584240de7c9d4b8c8",
"PrivateKeyBody": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEAh1y3ot74ipDU+mHUZEBWDDT22VTkP0NVG4mOL1NQQYhGhccT\nKLqBKtiVeWG1PeHhHFJqrRYVW5qwgC4P/dYA+B+ztdHD1HYdRGwMSW0JxNL/rEy4\n4W9IxKh6jt9/XLUSIacNjtcHocPLF0Nw8/zsfcuSsvBB9EKhyep+c8qTKozWHb7O\nsbFlYXcKLo8rOpHTJIYOyR0Jrd2sR1zP8laB71+mvYtpuf90Rc23IxABn+Z+hefb\n7zSO/sQ2ve5aOaYMlWez8RoAPme2cGBszWFUvyT6GXWMGIucPuUOl9ATRN4DWmqw\n8LltgtLUDQk0Ji3svAYbC4+0dkhkrcfp4VzVlwIDAQABAoIBADSQK3sijG76aMnF\nvX0kgoWA965TScLLObxUwRLdjle0PHZsZKM3MTtbGUgmSgP6t7iQxH3sCmUk/472\n1BzkwkGXxeg/yYSyTREpx+enYNi+eqwEqvJXjXFYXycl4MY2RhEtVpV2KK+HYVDq\nTm1gdNEwgQndRC8+xKas2WfLbTRjJFapqW2zv3p1V83gVassrTLCCYSbV36jJO1z\nNpaU3feQPQL86+5ToNSoNepqYGInY6EYlKhkZHgVGRHsrqgPoyHGjBsyP4I3F1fO\njKcwPuGAerTn6MHtpW6m2kKnjz8qjClAPHY61ZmN9HIZHPTu1S7y9rHId5vy706X\nzwpQwpkCgYEA1H6/l6u2y1Rn2OSteIqTsxhZcJ3ICG8tSQp77fcFSi+LUDPAeBB9\nhvhiYpkzqj0sI5GIlXG+Wg7R8DwUxw6T+vQtFnFMdzqImqsU8+Qva/BqfRkFHsKO\n+FXGwLoWPVYJV25GD2gcDZpJ5KfNGv/hqrh0TEMtikVMKq30UaW58PMCgYEAoxNK\n+x3JnvzyMup/ZIgIlUjj2xy/V1AQq3+Ck3sQ9AaLZFuFPmHW1hKSXV/XBaDL3FfJ\nVVkWMRwmxgd4dMqosgWQYd69Qx5C3H0KKZh//9NpmV17WEiIknHSZbYxzeX14lsD\nWPiSeNdtrzTQRY0Q79JB2YTDUvABrRfJZe9eUc0CgYEAvg0q4MVktRCl3LgSaqhO\nl7TkcbO8r8Z300b8NoZjhclmKXJP51KgYrIOlK7/JXiW3K0SYs8bd8Kfg+TIlIx2\nT9JJ7TOiN1TzzpnLIKNqwniBVaemC6/pXTSikccdkvg7XKY1JRxxUr0277og2NAZ\nDq7w3TCML4nxKI7y4H+AAX8CgYA/T+o4fGQe2c2efvRer4HFk7sDArI2z9ro+mRT\npd/7Hd9YYz/j7FBgZG122xK8GKWNMnf0LtYy0t8q2xOlJFlCZG6d0MBiIomK2PDt\nHUv0orvI00ZkDCUZ1h79ZjMH4VQJQZSXIkqbp+fpsfN6TT5aHaN7M9QxiwTbkvSa\nIsjXsQKBgQCgMvR+jKE9OsCtM70eRBy0LDVEOjky7rce29I+cg3OZkAmKQ8qiE/S\no86+gQeQCMm9y9KiPHLVg9XIuZwkh+eVI4drRrEyM3InrHYLRtBuDfztCH9di+Ru\nF2w6y8t4/Kc5mSg0GBK725uTzfNdkyZE1TZAH6gx1KeSfMGGLP0mqw==\n-----END RSA PRIVATE KEY-----\n",
"RequestId": "01234562-5F4C-4DD9-BC42-ABCDEF26FF96",
"KeyPairName": "Test3"
}
############################################################
# Version 1.00
# Date Created: 2018-05-17
# Last Update: 2018-05-17
# https://www.neoprime.io
# Copyright (c) 2018, NeoPrime, LLC
############################################################
"""
This program reads standard input and writes to standard output
The input is expected to be the output from the Alibaba Cloud CLI command:
aliyuncli ecs CreateKeyPair --RegionId us-west-1 --KeyPairName Test3
"""
import sys
import json
data = json.loads(sys.stdin.read())print(data['PrivateKeyBody'])
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAmPJORshGZmC+vV58zMAGRBKJs0Bs/bSHvwQtu+ICSNDyUj9+
3l0yCXm3rbYHV0OT4sqMAhZf7dowryRpQRwU2f1YS6Jga/PnuOQ8rhHTgO8jImdj
OWKB02G6SCIB5M/ddrHiEeih/5dIPA4ztZjm3A2ps22KSDFOg0TOybK0HbnWbFKh
FIiS2QqoF4p0+Pe14jKkHEvFDKSIBs7WIAYIjCloQ7DfIy4StjPxUYD9xBbvN4vj
o47yMi9qyoXqyzrTZ1rcqiWeQuv8343sHJ6Rj+yO+yT+dZWCZiY7zMU5pKa3sDds
LD3XwqZYJ1X+ddMpmxngU5zBIi/uPzx7PFf05wIDAQABAoIBABPthktsrteKBXAx
DnuzDV3zOGPVoh3QVtuJlNflE70fFGOpCEO6ytk3Nbp5fC1fjbZAA8wF1EvuYOeB
DAHCwejBPK7mIkAOkIOjoVBg3Djxb5d89w20CwxasGXToIGKn+VmOflxYSInOO8y
PoSLvpCvawwI2rqbSgqKfZMEKLmyl9zQ6gAa4lLC3AMAxv9mFgfnTZtzXwNWmFXW
74MX5LGG8IEK4I18UBaKmYzBZOQ+gNVtKPnhYGe0MC51r6NvBVbA1FHnXSqiHZXq
Ra7g543BFmDa96cIT/hfRhOfY0RxvwE+/84e8/TQ6UqQt3ZPb7eaddIO15YluObC
7vOkDAkCgYEA5bww+BUdIEmZ2EwAScX7lHq1d/tMSGsosEp55IDyMDOAvdexVBVZ
xwVf8RRhWv7d2Y2PMqGQSp2I/4CTpdvfnA/E0usGtKfcgeRZBuSTmfiriUO3+8zm
G2J2Eg0mUqR2QoXlOzHJ62j70jP8JxC/yAyu5+qa6TiInfJftrwh9wMCgYEAqm6x
D3gX0fe0uTG3278jqU3n6ooy44f7gfrFsDvkJzYaUb3FwPKFfaRV9j6nfHd5B6Ks
EBp6WAqDle5cdLCO6J8GCp+9tweFHZ9SaGhDYHECmYzQUbdoDLlM2wYetfVWCgvz
e5CwuHYuX1oXrKwhrkYwxCtZJ/W57gp9zJuz400CgYEAi6uSigEsKAkXQ21Rb4iy
n17LHRrnEdA0eJmO6eGLXMqzJrgP03L3lgwqfENLvSrebfmmab3YH8UPGWduXJQE
qrjbjO/er86uPTo69fnZ0u5gO5+0J54298cwyWC9P9lFHMSSzR5ECJ9XGkEIuCdy
sYkkfVMgw1HfnUdR8aMHc0kCgYASLt0VGWrxK8xMNdG30Byt43Hqw/PJ8qgSpf6R
XtJonI0SS3zdqQI09WN2chjMXrK67dANp8WFvxlq1ZNnn66fgtfSKljDPjolfun7
2aPWljgAydUv4rFnKh3ZAD4mi5YyXDQN6tHv3Cv2YFZGRdcSEMsDItzQNpcvnk7t
lW8LwQKBgEP1uYJMV4HU3MJLqsyPZDTkkCA/a6g3Lkd7+XUlDfxMmm2Q7rjUI6su
l7yIU/T+zRW7+naytm7tPDiL3NoAFQG9bEJo+9nnobM6fsyVyX/jcVFQ+AnjTgE+
6h+ANs/jyLDnxUecSx2ITYA57lsapv+OatcPFnjUvi/+9Ut/vooI
-----END RSA PRIVATE KEY-----
aliyuncli ecs AttachKeyPair --InstanceIds "[\"i-abcdeftvgllm854abcde\"]" --KeyPairName Test3 `
aliyuncli ecs RebootInstance --InstanceId i-abcdeftvgllm854abcde

Part 3. Importing an ECS Instance Key Pair

#openssl rsa -in Test4.pem -pubout -out Test4.pub 
ssh-keygen -y -f test5.pem > Test4.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrk3VshObZ8zz6DLQb6yUhC8+gOrm/tu8psXASVPh4FqTkfiMu/DuTNfUV+j3KYTBnHdfEZoydtNNt1JrXi3rngvZsfgBzGw8Yqoyu+CdsR3wrI2LCqgpAOa06MS6iydu+xRo8c/JTZHpscE/igxqF4bNIYHVCHoBV6wKSo4VQSN0m8UB3Je1u9ga0V4jXpPPJZnBa3n9aafNzikTFeycBwbauJjsrY2IpL3xybkwPE14hdkbUxMEFu9cO+FNSTPFGq5UxXsS1vQkPySm5WHgF/N4zC/HMfiNjwwiwKxW+GZnOsCKSbqBBFwRJj+7N3OlIZ2sgEBSQGHYAWAEHU7Od
aliyuncli ecs ImportKeyPair --RegionId us-west-1 --KeyPairName Test4 --PublicKeyBody "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrk3VshObZ8zz6DLQb6yUhC8+gOrm/tu8psXASVPh4FqTkfiMu/DuTNfUV+j3KYTBnHdfEZoydtNNt1JrXi3rngvZsfgBzGw8Yqoyu+CdsR3wrI2LCqgpAOa06MS6iydu+xRo8c/JTZHpscE/igxqF4bNIYHVCHoBV6wKSo4VQSN0m8UB3Je1u9ga0V4jXpPPJZnBa3n9aafNzikTFeycBwbauJjsrY2IpL3xybkwPE14hdkbUxMEFu9cO+FNSTPFGq5UxXsS1vQkPySm5WHgF/N4zC/HMfiNjwwiwKxW+GZnOsCKSbqBBFwRJj+7N3OlIZ2sgEBSQGHYAWAEHU7Od"
{
"KeyPairFingerPrint": "883aff9af03f3ee5dd0e186099a2e173",
"RequestId": "11CC0000-4675-4F9A-887F-ABCDEFEF7D5B",
"KeyPairName": "Test4"
}

Part 4. Create user and assign SSH Public Key

# cd /home/john 
# mkdir .ssh
# chmod 700 /home/john/.ssh 
# chown john /home/john/.ssh
# chmod 600 /home/john/.ssh/authorized_keys
# chown john /home/john/.ssh/authorized_keys

Developer Documents

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store