Create and host anSSH key onacloud server
SSH keys can beused tosecurely server connections over the encrypted SSH protocol. This isakey pair: the private key isstored onthe local computer and the public key isplaced onthe server.
Werecommend using SSH keys instead oflogin and password toauthenticate tothe cloud server.
SSH keys oftypes ed25519, rsa, ecdsa, and dsa can beused.
Create anSSH key pair.
Optional: Add apublic SSH key tothe cloud platform.
The way akey isadded tothe cloud platform affects its availability inprojects, pools, and tousers, aswell asthe way itisplaced onthe server when created. See the table for more details onkey differences SSH keys for project and service user.
Place apublic SSH key onacloud server.
Create SSH keys
Linux/macOS
Windows
OpenStack CLI
Open theCLI.
Generate apair ofSSH keys:
ssh-keygen -t <key_type>
Specify
<key_type>
— SSH key type:еd25519
,rsa
,ecdsa
ordsa
Amessage will appear asking you toselect adirectory tostore the key pair— example for rsa key:
See AlsoIBM Cloud DocsAccess an Oracle Cloud Service Using SSHAdd SSH keys to VMs | Compute Engine Documentation | Google CloudAdding an SSH KeyEnter file in which to save the key (~/.ssh/id_rsa):
Toleave the default directory for storing keys, click Enter. Ifyou want toselect adifferent directory, enter itinthe format
/path/to/id_rsa
and press Enter.Optional: enter apassphrase for additional protection, repeat the passphrase and press Enter:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:Wait for the message that the keys have been generated. Two files will becreated:
id_rsa
(private key) andid_rsa.pub
(public key). The key fingerprint and its image will appear inthe terminal:Your identification has been saved in ~/.ssh/id_rsa
Your public key has been saved in ~/.ssh/id_rsa.pub
The key fingerprint is:
The key's randomart image is:Output the public SSH key:
cat <path>
Specify
<path>
— the full path tothe public key you specified instep 3, for example~/.ssh/id_rsa.pub
.
optional: add apublic SSH key tothe cloud platform
Apublic SSH key can beadded toacloud-based platform and then hosted atthe server creation.
The way akey isadded tothe cloud platform affects its availability inprojects, pools, and tousers, aswell asthe way itisplaced onthe server when created. See the table for more details onkey differences SSH keys for project and service user.
For the project
For the service user
The key will only beavailable inone project, for all users.
- Вcontrol panels gotoCloud platform → Access.
- Open the tab SSH keys.
- Click Add anSSH key.
- Enter the name ofthekey.
- Insert apublic SSH key inOpenSSH format.
- Click Add key.
Host apublic SSH key onacloud server
You can place apublic SSH key bycloud server creation oronanexisting server.
Toaccess the cloud server via SSH, you need toadd apublic SSH key tothe file ~/.ssh/authorized_keys
onthe server. You can add multiple keys, for example, ifyou need access for multiple users.
You can place public SSH keys onanexisting server intwo ways:
- copy the key tothe server from the local computer using the ssh-copy-id command;
- manually place the key onthe server.
Copy apublic SSH key from alocal computer using ssh-copy-id
From Linux/macOS
From Windows
Team ssh-copy-id
adds the public SSH key tothe end ofthe file ~/.ssh/authorized_keys
. The command creates adirectory and afile ifthey have not already been created.
Open the CLI onthe local computer.
Copy the public SSH key tothe cloud server:
ssh-copy-id -i <path> <username>@<ip_address>
Specify:
<path>
— the full path tothe public key onthe local computer, e.g.~/.ssh/id_rsa.pub
;<username>
— username;<ip_address>
— the public IPaddress ofthe server.
Enter the user's password.
Manually place apublic SSH key onthe server
Open the public SSH key file onthe local computer:
Linux/macOS
Windows
cat <path>
Specify
<path>
— the full path tothe public key onthe local computer, e.g.~/.ssh/id_rsa.pub
.Copy the value ofthe public SSH key.
Connect tothe server.
Gotothe directory
.ssh
:cd .ssh
Create afile
authorized_keys
:touch authorized_keys
Add tothe file
authorized_keys
public SSH key:echo <public_ssh_key> >> ~/.ssh/authorized_keys
Specify
<public_ssh_key>
— public SSH key that you copied instep 2. Itstarts withssh-rsa
.Configure access rights:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
SSH keys for project and service user
Apublic SSH key can beadded tothe cloud platform:
- for projects;
- orfor service user сrole Project Administrator orProject Supervisor.
SSH key for the project | SSH key for the service user | |
---|---|---|
How add akey tothe cloud platform | Inthe control panel, under Cloud platform → Access |
|
How tohost onacloud server when server creation | Inthe control panel |
|
For which users isitavailable | For all users ofthe project | For one service user with the roles Project Administrator orProject Supervisor |
Inwhich projects isitavailable | Inone project. | Inall projects towhich aservice user has been added |
What pools are available in | Only inthe pool towhich itwas added |
|
Where can Isee the list ofkeys | Inthe control panel, under Cloud platform → Access |
|