You can add multiple SSH key pairs to a Linux instance to allow access to the instance by using different key pairs. You can also replace existing key pairs on the instance based on your business requirements. This is suitable for multi-user environments or scenarios that require key rotation. This topic describes how to add an SSH key pair to or replace an SSH key pair on a Linux instance.
Prerequisites
The public key information of a new SSH key pair is obtained. For more information, see View public key information.
Background information
On Linux instances, the public key information of SSH key pairs is stored in the ~/.ssh/authorized_keys file. You can modify the file to add or replace multiple key pairs.
You can bind only one SSH key pair to an instance in the ECS console. If you need only one SSH key pair for an instance, we recommend that you bind the key pair to the instance in the ECS console. For more information, see Bind an SSH key pair.
Procedure
Use an existing SSH key pair to log on to the Linux instance.
For more information, see Connect to a Linux instance by using an SSH key pair.
Run the following command to open the
.ssh/authorized_keys
file:sudo vim .ssh/authorized_keys
Press the
i
key to enter edit mode and add or replace the public key information.You can add and save new public key information below the existing public key information.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCys3aOkFm1Xh8iN0lijeQF5mz9Iw/FV/bUUduZjauiJa1KQJSF4+czKtqMAv38QEspiWStkSfpTn1g9qeUhfxxxxxxxxxx+XjPsf22fRem+v7MHMa7KnZWiHJxO62D4Ihvv2hKfskz8K44xxxxxxxxxx+u17IaL2l2ri8q9YdvVHt0Mw5TpCkERWGoBPE1Y8vxFb97TaE5+zc+2+eff6xxxxxxxxxx/feMeCxpx6Lhc2NEpHIPxMpjOv1IytKiDfWcezA2xxxxxxxxxx/YudCmJ8HTCnLId5LpirbNE4X08Bk7tXZAxxxxxxxxxx/FKB1Cxw1TbGMTfWxxxxxxxxxx imported-openssh-key ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdlrdZwV3+GF9q7rhc6vYrExwT4WU4fsaRcVXGV2Mg9RHex21hl1au77GkmnIgukBZjywlQOT4GDdsJy2nBOdJPrCEBIPxxxxxxxxxxx/fctNuKjcmMMOA8YUT+sJKn3l7rCLkesE+S5880yNdRjBiiUy40kyr7Y+fqGVdSOHGMXZQPpkBtojcxxxxxxxxxx/htEqGa/Jq4fH7bR6CYQ2XgH/hCap29Mdi/G5Tx1nbUKuIHdMWOPvjxxxxxxxxxx+lHtTGiAIRG1riyNRVC47ZEVCg9iTWWGrWFvxxxxxxxxxx/9H9mPCO1Xt2fxxxxxxxxBtmR imported-openssh-key
NoteIf the public key file contains information about multiple public keys, you can log on to the Linux instance by using the paired private keys.
You can delete existing public key information and then add and save new public key information.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdlrdZwV3+GF9q7rhc6vYrExwT4WU4fsaRcVXGV2Mg9RHex21hl1au77GkmnIgukBZjywlQOT4GDdsJy2nBOdJPrCEBIP6t0Mk5aPkK/fctNuKjcmMMOA8YUT+sJKn3l7rCLkesE+S5880yNdRjBiiUy40kyr7Y+fqGVdSOHGMXZQPpkBtojcV14uAy0yV6/htEqGa/Jq4fH7bR6CYQ2XgH/hCap29Mdi/G5Tx1nbUKuIHdMWOPvjGACGcXclex+lHtTGiAIRG1riyNRVC47ZEVCg9iTWWGrWFvVlnI0E3Deb/9H9mPCO1Xt2fxxxxxxxxBtmR imported-openssh-key
After you add or replace the public key information, press the Esc key to exit the edit mode and enter
:wq
to save the changes.Use the new SSH key pair to log on to the Linux instance. For more information, see Connect to a Linux instance by using an SSH key pair.
If you can log on to the Linux instance by using the new private key, the new SSH key pair is added or the old SSH key pair is replaced.