AWS provides access to EC2 by downloading the private key(.pem) into management host that connects to EC2.
AWS uses openssl tool
Key providers generally provide public key but not private key, because with keypairs, one can encrypt either with public key or private key and decrypt with other key, as shown below:
$ openssl genrsa -out mykey 2048
$ cp mykey privatekey
$ openssl rsa -in mykey -pubout -out publickey
$ rm mykey
$ # Encrypt with public key
$ echo "the cat sat on the mat" | open ssl rsautl -encrypt -pubin -inkey publickey > ciphertxt
$ # cat cipher.txt
$ # cat cipher.txt | openssl rsautl -decrypt -inkey privatekey
1) Why AWS distributes private key instead of public key? for secure communication...
2) Key pair is mainly to secure communication on the wire, but not authenticate user, to access a resource in AWS.
ssh -i something.pem user@ec2-public-dns-name
How does distribution of a key solve authentication problem? key can be stolen by any wrong person...Why AWS allow ssh login to EC2 without a password?