Connecting to Linux Instances Using Key Pairs

This guide shows you how to connect to Alibaba Cloud Elastic Compute Service (ECS) Linux instances using common SSH tools on Linux and OSX workstations.

SSH key pair, or key pair for short, is a secure authentication method to remotely log on to your Alibaba Cloud Linux instance. It is a different solution from the typical username and password authentication. Compared with other authentication methods, SSH key pair authentication is more secure and is more convenient if you maintain multiple ECS instances.

You can generate a new key-pair and apply it to your instance, which allows you to connect using third-party tools. For example, you can connect using SSH on Linux or OSX workstations.

Generating a New SSH Key-pair

Linux and OSX Workstations

Open a terminal on your workstation and use the ssh-keygen command to generate a new key-pair. Specify the -C flag to add a comment with your instance username, where [USERNAME] is the user on the instance for whom you will apply the key.

Make sure this user name already exists in the server or use root by default.

ssh-keygen -t rsa -f ~/.ssh/my-ssh-key -C [USERNAME]

Note: If the user does not exist on the instance, these steps are not going to work.

Restrict access to your my-ssh-key private key so that only you can read it and nobody can write to it.

chmod 400 ~/.ssh/my-ssh-key

Obtain the contents of the ~/.ssh/ public key file with the cat command.

cat ~/.ssh/

The terminal shows your public key in the following form:



  1. [KEY_VALUE] is the generated public key value.
  2. [USERNAME] is your username.

Copy the output from the cat command and paste it as a new item when importing an Existing Key Pair in the Manage Key Pairs page.

At the bottom of the Manage Key Pairs page, click OK to save your new system-wide SSH key.

Note: The public key is NOT set to work across all the instances in your project.

Click on the Bind Instance link next to the key pair to assign the new key pairs to instances of your choice.

Or select the already created key pair when creating a new instance

Use the ssh command to connect to your instances.

Connecting Using SSH on Linux or OSX Workstations

Use the ssh command to connect to your instance. Specify your username and the external IP address for the instance that you want to connect to. Your username is the username that you setup in the instance. By default this will be the root account. For this example, the private key is at ~/.ssh/my-ssh-key.

ssh -i ~/.ssh/my-ssh-key [USERNAME]@[IP_ADDRESS]


[USERNAME] is your username

[IP_ADDRESS] is the IP for your instance.

If the connection is successful, you can use the terminal to run commands on your instance. When you are done, use the exit command to disconnect from the instance.



Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website: