Create a custom key using the Lightsail console - Amazon Lightsail

Create a custom key using the Lightsail console

You can create custom key pairs from the SSH keys management page in the Lightsail console, or when creating a new instance.

SSH keys management page

Complete the following procedure to create a custom key pair from the SSH keys management page in the Lightsail console.

  1. Sign in to the Lightsail console.

  2. On the on the top navigation pane, choose the user profile icon.

  3. Then, choose Account in the dropdown menu.

  4. Choose Create key pair under the Custom keys section of the page.

  5. In the Select a region prompt that appears, choose the AWS Region in which you want to create your new custom key. You will be able to configure your new custom key on new instances in the same AWS Region.

  6. In the Create a new SSH key pair prompt that appears, give your custom key a name, and choose Generate key pair.

  7. In the Key pair created! prompt that appears, choose Download private key to save the private key to your local computer.

  8. Choose Ok, got it! to close the prompt.

  9. Your new custom key is listed under the Custom keys section of the page.

Create instance workflow

Complete the following procedure to create a custom key pair as you are creating a new Lightsail instance.

  1. Sign in to the Lightsail console.

  2. Choose Create instance.

  3. On the Create an instance page, choose Change SSH key pair.

  4. Choose Create new.

  5. Lightsail displays the AWS Region where you're creating the new key. Choose Create.

  6. Enter a name for your key pair.

    Resource names

    • Must be unique within each AWS Region in your Lightsail account.

    • Must contain 2 to 255 characters.

    • Must start and end with an alphanumeric character or number.

    • Can include alphanumeric characters, numbers, periods, dashes, and underscores.

  7. Choose Generate key pair.

  8. Continue creating your instance.

Important

Store the private key in a secure location. Don't share it publicly because it can be used to connect to your instances.

This is the only time you can download the private key of the custom key pair. Lightsail does not store the private key of custom key pairs. After you close this prompt, you will not be able to download it again.

You can configure your new custom key on new instances that you create in the AWS Region where you uploaded your key. To configure your new custom key on instances that were previously created and are currently running, see Change the key pair for your Lightsail instance.