Common EC2 key pair for all EC2 instances in multiple AWS regions

Anuradha Prasanna
Nov 11, 2020

In some deployment architectures, such as multi-region, highly available application deployments or SaaS solutions, you as the AWS or SaaS platform admin may need to access EC2 instances deployed in different regions. It is convenient to have the same set of EC2 SSH key pairs across the regions so that you can connect to any particular EC2 resource in any of them. The simplified deployment architecture below is used as an example to explain this SSH key use case.

How do AWS key pairs work?

Key pairs are a bundle of public and private keys. AWS stores the public key portion of the key pair so that it can decrypt the SSH traffic generated by the authentic private key which should be privately and securely held in your possession.

To have the same set of key pairs deployed in all AWS regions, we have to:

  1. Generate a key pair in one of the regions and download the key pair to your PC/Mac
  2. Export/Extract the public key to your local disk
  3. Upload/Import this public key portion to all AWS regions you will be working with.

Let's see how this can be done.

First, let's generate one key pair using the AWS console and store it locally on your machine. You can skip to the next step if you already have a key pair generated.

Secondly, let's extract the public key of the key pair you downloaded in the previous step with the command below.

> ssh-keygen -y -f MyAWSVMKP.pem > ./MyAWSVMKP.pub

This .pub file contains the public key component of the key pair, which looks something like this:

ssh-rsa KKKKKB3NzaCUYD&*YUIDAQABAAAkndfod8FDUrwXPKdosG3M8LcsaZJWZxZPxk98SjpF9XVW8JuGK9Ef2NKCN897enjkHhmDiMhaIcx6bYY370MZ9ZQZqLgSW6Kk+BUTjewNTC1d0cMsJND&^ThbhjdlUO+vC/WTlO9Ugl6u2NSrNovI8+Qsr8mjnfds7cwYeI/LSKJND88+9Ct0PK6xiwnVrQjfyokF5Sf7+Y3RHa52evvtsBrXSvAmBULgwBgKVBONT+f3cPYfjd97kGPKA/cBp3pCX1+1JN5jhf7sd8VhP&hk8+McHTJ/G/jh86d7sD+G6noJ/2d2i8njk2nL7i5Gu/4Wo3cd9diu

Finally, you can import this public key into all your regions as shown below:

  1. Change to the AWS region where you need the key pair imported
  2. Go to the EC2 Console: search for EC2 and click to open the EC2 console view
  3. Go to the Key Pairs section under Network & Security in the left side menu
  4. Click Import Key Pair from the Actions menu at the top right
  5. Upload the .pub file generated previously and give your key pair a name. Alternatively, you can copy the contents of the .pub file into the text box
  6. Hit the Import key pair button
  7. You should now see that the key pair entry has been created

We’re done!

With this, you can now use the same private key to SSH into the EC2 VMs you have been using in some other region, with an SSH command something like the one below.

> ssh -i MyKeyPair.pem ec2-user@<server_IP>
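When there are many regions, the console import steps above can be scripted. The following is an added example, not part of the original post: it imports the public key with the AWS CLI and then checks that every region reports the same fingerprint, which catches a region where a different key already exists under the same name. It assumes AWS CLI v2 with configured credentials; the function names, key pair name and regions are illustrative.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes AWS CLI v2 with
# credentials allowed to call ec2:ImportKeyPair and ec2:DescribeKeyPairs.

# import_key NAME PUBFILE REGION: import unless NAME already exists there.
import_key() {
    if aws ec2 describe-key-pairs --region "$3" --key-names "$1" >/dev/null 2>&1; then
        echo "exists"
    else
        aws ec2 import-key-pair --region "$3" --key-name "$1" \
            --public-key-material "fileb://$2" >/dev/null && echo "imported"
    fi
}

# region_fingerprint NAME REGION: fingerprint EC2 reports for the key pair.
region_fingerprint() {
    aws ec2 describe-key-pairs --region "$2" --key-names "$1" \
        --query 'KeyPairs[0].KeyFingerprint' --output text
}

# sync_key NAME PUBFILE REGION...: import everywhere, then require that all
# regions report one fingerprint. A mismatch means a key pair with the same
# name but different key material already existed in that region.
# Pass only regions that receive the imported key: for RSA, the region where
# EC2 generated the pair reports a fingerprint computed from the private key.
sync_key() {
    _name=$1 _pub=$2 _ref="" _status=0
    shift 2
    for region in "$@"; do
        if ! import_key "$_name" "$_pub" "$region" >/dev/null; then
            echo "$region: import failed"; _status=1; continue
        fi
        if ! _fp=$(region_fingerprint "$_name" "$region"); then
            echo "$region: fingerprint unavailable"; _status=1; continue
        fi
        [ -n "$_ref" ] || _ref=$_fp
        if [ "$_fp" = "$_ref" ]; then
            echo "$region: ok $_fp"
        else
            echo "$region: MISMATCH $_fp"; _status=1
        fi
    done
    return "$_status"
}

# Example: sh sync-key.sh MyAWSVMKP ./MyAWSVMKP.pub us-west-2 eu-west-1
if [ "$#" -ge 3 ]; then sync_key "$@"; fi
```

A region reported as MISMATCH should be investigated before anyone launches instances with that key pair name there, since the instances would trust a different key.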

Hope this helps you guys and that you learnt something good, even if it's a small thing!
