Managing SSH Key for VPS

Description

SSH keys provide a secure way to log in to your VPS. They consist of a key pair with private key (that you must keep secure) and a public key that you copy and share with whom you want to communicate with. They will allow you to log in to your servers in a secure way without the need to use a password.

When you register your public SSH key with your VPS, it will be installed automatically in the root account and you will be able use your private key to connect to them using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty).

Currently SSH keys can only be used to access VPS based on the Linux and FreeBSD templates.


Contents

Creating/generating an SSH key for an instance

Depending on your operating system, there are different ways in which you can create/generate an SSH key pair.

Linux or OSX systems

ssh-keygen -t rsa -b 2048

Windows systems

Use PuTTYGen to create a SSH-2 RSA key. For detailed instructions about manually generating your SSH keys in Windows, please see the PuTTY tutorial.

Registering an SSH key for a VPS

The SSH Public key can be shared with those systems you want to access to. This allows you to log in to your servers in a secure way without the need to use any password. If you register your SSH key with your VPS, you will be able to connect to your servers using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty).

Perform the following steps to register an SSH key:

  1. In the menu bar, under Compute, select Virtual Private Server.
  2. Click on the ID of the VPS for which you want to register an SSH key.
  3. Click on the SSH tab.

  4. Click Register a New SSH Public Key
    The Register a new SSH Public Key pop-up window displays.

    Pro tip: SSH2 public keys have the format of a single line with the fields: "options" "key-type" "base64-encoded public_key" "comment" where the "options" field is optional and typically omitted as seen in the screenshot above.

    The "options" field can be used to place or lift restrictions on what can be done when that specific public key is used to access your virtual server. A good security precaution to mitigate the risk of a compromised private key is to add the "from=" option to restrict from which hosts/ip-addresses can be logged in. Please refer to AUTHORIZED_KEYS FILE FORMAT section in the manual page for the OpenSSH server for a description of exact syntax of the "from=" option and the additional options.

  5. Enter the name of the SSH key and the Public key, and click Submit. 
  6. The SSH key is generated and provides a fingerprint (short way to identify the long Public key).


Associating SSH Key with a VPS

If you want to access your VPS from outside the Customer Portal (using any SSH client like OpenSSH (http://www.openssh.com) or PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty)), you need to associate the generated SSH Key to the VPS. 

In order to associate an SSH key to a VPS, please ensure that:

  • The SSH key is already registered to the VPS
  • The VPS is powered off
  • Only a single SSH key can be associated to a specific VPS

Perform the following steps to associate an SSH key to a VPS:

  1. Upload the desired public key using the steps described above.
  2. Power Off the VPS.
  3. Under the Actions column, click Associate with VM.
     
     
  4. The SSK key gets associated with the VPS. 
  5. Power the VPS on again and the selected public key will be installed in the root account of your VPS.