Virtual Server Management: SSH

Description


SSH keys provide a secure way to log in to your Virtual Servers. They consist of a key pair with private key (that you must keep secure) and a public key that you copy and share with whom you want to communicate with. They will allow you to log in to your servers in a secure way without the need to use a password.

When you register your public SSH key with your Virtual Servers, it will be installed automatically in the root account and you will be able use your private key to connect to them using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty).

Currently SSH keys can only be used to access Virtual Servers based on the Linux and FreeBSD templates.


Contents

Creating/generating an SSH key for an instance

Depending on your operating system, there are different ways in which you can create/generate an SSH keypair.

Linux or OSX systems

ssh-keygen -t rsa -b 2048

Windows systems

Use PuTTYGen to create a SSH-2 RSA key. For detailed instructions about manually generating your SSH keys in Windows, please see the PuTTY tutorial.

Registering an SSH key for an instance

The SSH Public key can be shared with those systems you want to access to. This allows you to log in to your servers in a secure way without the need to use any password. If you register your SSH key with your Virtual Servers, you will be able to connect to your servers using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty).

Perform the following steps to register an SSH key:

  1. In the menu bar, under Cloud, select "Virtual Server".
    The Virtual Servers Overview page displays. 


  2. Click the Manage button for the Virtual Server for which you want to register an SSH key.
    The Server Management page displays.


  3. Click the SSH tab to register an SSH key for an instance.


  4. Click the "Register a New SSH Public Key" button. 
    The "Register a new SSH Public Key" popup window displays.



    Pro tip: SSH2 public keys have the format of a single line with the fields: "options" "key-type" "base64-encoded public_key" "comment" where the "options" field is optional and typically omitted as seen in the screenshot above.

    The "options" field can be used to place or lift restrictions on what can be done when that specific public key is used to access your virtual server. A good security precaution to mitigate the risk of a compromised private key is to add the "from=" option to restrict from which hosts/ip-addresses can be logged in. Please refer to AUTHORIZED_KEYS FILE FORMAT section in the manual page for the OpenSSH server for a description of exact syntax of the "from=" option and the additional options.



  5. Enter the name of the SSH key and the Public key, and click the "Confirm" button. 

  6. The SSH key is generated and provides a fingerprint (short way to identify the long Public key).


Associating SSH Key with a Virtual Machine

If you want to access your Virtual Machine from outside the Customer Portal (using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty)), you need to associate the generated SSH Key to the virtual machine. 

In order to associate an SSH key to an instance, please ensure that:

  • The SSH key is already registered to the Virtual Machine
  • You Power Off the Virtual Machine 
  • Only a single SSH key can be associated to a specific Virtual Machine

Perform the following steps to associate an SSH key to a virtual machine:

  1. Upload the desired public key using the steps described above.
  2. Power off the virtual machine.
  3. Under the "Actions" column, click the "Associate with VM" button.
     
     
  4. The SSK key gets associated with the Virtual Machine.
     
  5. Power the Virtual Machine on again and the selected public key will be installed in the root account of your VPS.