When you deploy a virtual machine, most combinations of venue and operating system require you to provide an SSH Public Key (currently only Windows on Azure does not). This key is inserted into the virtual machine at creation time so that you can remotely administer it. Tuono does not currently create or manage SSH Keys.
Goals
By completing this tutorial, you will learn to:
Generate SSH key pairs on various platforms
Configure your environment to use the generated keypair
Use the kepair to log in to your deployed infrastructure.
Platform Requirements
Open a command prompt and attempt to run the commandssh-keygen.If it is not found, you will need to complete this section. If it is found, cancel out of it and skip to "Creating an SSH Keypair"
OpenSSH is installed by default on later Windows builds
OpenSSH is installed by default, so no additional setup should be necessary.
Creating an SSH Keypair
It is important to do this step as a normal user
On all platforms you can generate a keypair using the commandssh-keygen.
Generate an SSH keypair
If the path is not specified - as in the command below - This defaults to: <path_to_user_dir>/.ssh/id_rsa
The fileid_rsacontains the private key, which you keep, as you will need to use it later to log into your virtual machine(s).
The dialogue should look like this:
It is up to you to safeguard the contents of theid_rsafile.
The fileis_rsa.pubcontains the public key, which you can place into a blueprint or into a variable as needed. Public keys do not need to be treated as secrets. The contents of the public key file can be shared freely without any consequence.
Using an SSH Keypair
Provisioning
Our tutorial contains a blueprint with a variable named admin_public_key. You can set this variable in your environment to the text string within theid_rsa.pubfile. It will look something like this:
Theadmin_usernameaccount on the virtual machine will be configured to allow ssh inbound using the private key that matches. This defaults to "adminuser", but can be set to something more meaningful if you prefer.
Post-Provisioning Access
The IP address of the virtual machine is available in the Inventory at the bottom of the blueprint pane.
Assuming that you have enabled SSH access through firewall rules - as in the tutorial - and allow connectivity to the internet - again, as in the tutorial - you can connect to your virtual machine:
Adding Additional Keys
To add further public keys to the deployed Linux system - as deployed by the tutorial - the simplest way is to copy additional public key(s) to the system which generated the admin_public_key above and from there you can follow the platform-specific steps below.
Windows
Linux/OSX
Once this is done you can test the the additional machine(s) have access by logging in from them:
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\<username>/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\<username>/.ssh/id_rsa.
Your public key has been saved in C:\Users\<username>/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5NORnkS+qUbDd/TLs1yECr7COPNrdMvbWT2FleBSiu4 <username>@<server>@<LOCAL-HOSTNAME>
The key's randomart image is:
+---[RSA 2048]----+
| . o |
| o..+ . .|
| ..=o.. ..|
| +.+ *.. + |
| S.O . + o|
| .o*.o o +.|
| +oE... =.o|
| +.+ oo + +.|
| =ooo.o o |
+----[SHA256]-----+
