This article provides steps for generating RSA keys by using PuTTYgen on Windows for secure SSH authentication with OpenSSH.
One effective way of securing SSH access to your City cloud server is to use a public/private keypair. This means that a public key is placed on the server and a private key is placed on your local workstation. Using a keypair makes it impossible for someone to log in by using just a password, as long as you set up SSH to deny password-based authentication.
In Windows, use PuTTYgen to generate our public and private keys.
- If needed, download PuTTYgen from the PuTTY download page.(PuTTYgen might have been installed previously with PuTTY or WinSCP.)
- Launch the program, and then click the Generate button.
The program generates the keys for you.
- Save the public and private keys by clicking the Save public key and Save private key buttons.
- From the Public key for pasting into OpenSSH authorized_keys file field at the top of the window, copy all the text (starting with ssh-rsa) to your clipboard by pressing Ctrl-C.
You need the this key available on your clipboard to paste either into the public key tool in the controlpanel or directly into the authorized keys on your server.
You can use the keypair in 2 ways:
1) Specify your SSH key when creating a new server
When you create a server, you can add a new public keypair or assign an existing public key.
To add a new public key, perform the following actions:
- In your citycontrol panel, click On Servers and choose Keypairs and then click on Create Keypais.
- If assigning an existing puclic key, select the existing name of the keypairs and choose your datacenter in the list for your new server.
- Paste your entire public key into the Public key field and then click Create Keypairs.
- Confirm that your key is listed in the Keypairs list for your new server.
Assign Your SSH Key to Your Existing Citycloud Server
To make use of your newly generated RSA key pair, you must tell PuTTY to use it when connecting to your server.
- To edit the file (and if necessary, create it), run the following command:
The key and its associated text (the ssh-rsa identified at the start and the comment at the end) should all be on one line in the file. If the text is word-wrapped onto multiple lines an error might occur when connecting.
- Edit the ~/.ssh/authorized_keys file on your Cloud Server and paste the text onto its own line in the file.
Note: You must have the key available on your clipboard to paste it.
- If you created the authorized_keys file, change its permissions after you're done editing it by running the following command:
chmod 600 ~/.ssh/authorized_keys
- Open PuTTY and go to the SSH > Auth section.
- Browse to the location of the key file and load the private key.
- To make PuTTY use the key every time that you connect to your server, save the configuration by going to the Session page and saving the session.
After you save your session, your key is loaded automatically whe you connect to your server.
A usefull guide on our Keypair Section is found in our videoguide: https://www.citycloud.com/openstack/openstack-live-demo-qa-video/
Recommended videoguides: https://www.youtube.com/channel/UCb6caLItXx6egEv4d8y9Azg