Knowledgebase

How to Use SSH with RCS Servers Print

  • 0

Introduction

SSH is a protocol that allows you to connect to Linux or Unix-based servers from the remote system. OpenSSH is a connectivity tool that uses the SSH protocol to communicate between the client and server using the secure shell. This guide explains how to SSH into your RCS server with a password or use SSH keys using OpenSSH. It also describes how to generate SSH keys and add them to the server manually.

How to Connect with a Password

To connect to the server using the SSH client and a password, open the command prompt on your local workstation and execute the following command. Substitute the example IP address with the server's IP address, which you'll find on the server information page in the RCS customer portal.

$ ssh root@192.0.2.123

SSH shows a warning to confirm the authenticity of the server. Type Yes and press ENTER. You'll see the password prompt. Type the password and press ENTER.

Note: Passwords will not be visible when you type.

Now, you'll be logged into the server, and you can use the commands to interact with the server.

What is an SSH Key Pair

SSH key pair contains a public key and a private key. The public key is stored on the server, and the private key is stored on the local machine that will be used for connecting to the remote server. Both keys are necessary to SSH into a server using the SSH keys.

How to Generate Keys on Windows, Linux, Mac

ssh-keygen utility can be used to generate SSH keys.

How to use the ssh-keygen Command

Use the below command to generate the key pair in Windows, Linux, and Mac.

ssh-keygen -t ed25519 -C email@example.com

Where,

  • ssh-keygen - Command to generate the SSH key pair

  • -t - Flag to specify the key type

  • ed25519 - Type of the key to be generated. ed25519 is recommended as its more secure than RSA type keys

  • -C - Flag to specify the comment for the key

  • email - Comment to be added in the key. This comment will be appended at the end of the public key string. It'll help identify the keys when more public keys are available on your server (more on this topic later).

Generating Keys on Windows

Launch the command prompt and use the below command to generate the SSH key pair.

C:\users\username>  ssh-keygen -t ed25519 -C email@example.com

The system prompts you to enter the location for generating the keys. The default value is shown in the brackets as (C:\Users\Username/.ssh/id_ed25519).

Note: It is recommended to use this directory. Because while logging in, SSH will look for the keys in the default directory. If you use directories other than the default directory, you need to specify the key location explicitly.

Press ENTER to use the default location.

Generating public/private ed25519 key pair.

Enter file in which to save the key (C:\Users\username/.ssh/id_ed25519):

The system shows the prompt to enter the passphrase for the key. You can enter a passphrase if you wish, or you can press ENTER to create keys without a passphrase. If you choose to enter a passphrase, you need to use it every time while logging in using this key.

Enter passphrase (empty for no passphrase):

After confirming the passphrase, the key is generated and stored in the default location, and the below message is shown.

Your identification has been saved in    C:\Users\username/.ssh/id_ed25519.

Your public key has been saved in C:\Users\username/.ssh/id_ed25519.pub.

The key fingerprint is:

SHA256:W6ceE1mGIi87YjD9BEUoROg3Aie/fOZMr1c+qOSD8Wk email@example.com

The key's randomart image is:

+--[ED25519 256]--+

| +o  oo          |

+----[SHA256]-----+

Generating Keys on Linux

Launch the Linux shell and use the below command to create an SSH keypair.

$ ssh-keygen -t ed25519 -C email@example.com

The system prompts you to enter the location for the keys. The default value is shown in the brackets as (/home/username/.ssh/id_ed25519)

Note: It is recommended to use this directory. Because while logging in, SSH will look for the keys in the default directory. If you use directories other than the default directory, you need to specify the key location explicitly.

Press ENTER to use the default location.

Generating public/private ed25519 key pair.

Enter file in which to save the key (C:\Users\username/.ssh/id_ed25519):

The system shows the prompt to enter the passphrase for the key. You can enter a passphrase if you wish, or you can press ENTER to create keys without a passphrase. If you choose to enter a passphrase, you need to use it every time while logging in using this key.

Enter passphrase (empty for no passphrase):

After confirming the passphrase, the key is generated and stored in the default location, and the below message is shown.

Your identification has been saved in /home/ubuntu/.ssh/id_ed25519

Your public key has been saved in /home/ubuntu/.ssh/id_ed25519.pub



The key fingerprint is:

SHA256:c0hYyBV+e1vY7DUVage/3nYk4z9DvxzrLmsiek7dkZE email@example.com

The key's randomart image is:

+--[ED25519 256]--+

|     . o+.   . . |

+----[SHA256]-----+

|      o+      = .|

Generating Keys on Mac

Launch the terminal and use the below command to generate the SSH key pair.

% ssh-keygen -t ed25519 -C email@example.com

The system prompts you to enter the location for generating the keys. The default value is shown in the brackets as (/Users/Username/.ssh/id_ed25519).

Note: It is recommended to use this directory. Because while logging in, SSH will look for the keys in the default directory. If you use directories other than the default directory, you need to specify the key location explicitly.

Press ENTER to use the default location.

Generating public/private ed25519 key pair.

Enter file in which to save the key (/Users/Username/.ssh/id_ed25519):

The system shows the prompt to enter the passphrase for the key. You can enter a passphrase if you wish, or you can press ENTER to create keys without a passphrase. If you choose to enter a passphrase, you need to use it every time while logging in using this key.

Enter passphrase (empty for no passphrase):

After confirming the passphrase, the key is generated and stored in the default location, and the below message is shown.

Your identification has been saved in    /Users/Username/.ssh/id_ed25519.

Your public key has been saved in /Users/Username/.ssh/id_ed25519.pub.

The key fingerprint is:

SHA256:W6ceE1mGIi87YjD9BEUoROg3Aie/fOZMr1c+qOSD8Wk email@example.com

The key's randomart image is:

+--[ED25519 256]--+

| +o  oo          |

+----[SHA256]-----+

How to Add a Key to an Existing Server

The SCP command is used to copy a file to the remote server. Your public SSH key must be copied to the server to enable SSH authentication. You can use the scp command to copy the public key to the remote server.

Launch the command prompt or the Linux shell and execute the below command to copy the public key.

C:\users\username> scp C:\Users\username\.ssh\id_ed25519.pub example_user@192.0.2.123:/home/example_user 

Where,

  • SCP - Command to copy the file

  • C:\Users\username\.ssh\id_ed25519.pub - Generated public key location

  • example_user - Username of the server to which the file needs to be copied. You need to have access to this server

  • 192.0.2.123 - IP Address of the server

  • /home/example_user - Target folder location on the server

The file is copied to the directory. Now, you need to copy the key to the authorized_keys file and enable SSH authentication. Log in to your newly created RCS server and navigate to the user's home directory using the below command.

$ cd /home/example_user/ 

Make a directory .ssh if it's not already existing using the below command.

$ mkdir .ssh

Navigate to the .ssh folder.

$ cd .ssh

Create a authorized_keys that will store the public key in the server using the below command.

$ touch authorized_keys

The touch command will create a file only if it doesn't exist.

Once the file is created, copy the content of the public key to the authorized_keys file using the cat command as shown below.

$ cat /home/example_user/id_ed25519.pub >> authorized_keys

The keys are placed in the appropriate location.

Enabling SSH Keys Authentication

SSH Authentication methods are configured in the file called sshd_config.

To enable the authentication using SSH keys, navigate to the directory /etc/ssh/ using the below command.

$ cd /etc/ssh 

Open the file sshd_config using the below command.

$ sudo nano sshd_config

In the file, find and uncomment the following two lines.

PubkeyAuthentication yes

AuthorizedKeysFile  .ssh/authorized_keys   .ssh/authorized_keys2

Setting the PubkeyAuthentication parameter to yes enables authentication using the public keys. And the AuthorizedKeysFile parameter specifies the location of the public key. Now, the keys are added to the existing server. You can SSH into the server using the public key using the steps defined in the next section.

How to Connect with a Key

The OpenSSH client provides the ssh command to establish an SSH connection into the server. Launch the command prompt and use the below command to SSH into a server using the SSH keys.

C:\users\username>  ssh example_user@192.0.2.123

Where,

  • ssh - command to establish a connection

  • example_user - Username to use to make a connection

  • 192.0.2.123 - IP address of the server

This command will use the private key in the default ssh directory (./users/.ssh) of your local machine. If the public and private keys match correctly, the SSH connection will be established, and you can communicate with the server.

How to Deploy a New Server with a Key

To deploy a new server with an SSH key, you need to create an SSH key in the RCS Dashboard. Follow the below steps to add an SSH key to your RCS account.

  1. Log in to the Customer Portal.

  2. Click your name in the upper-right, then select SSH Keys from the dropdown menu.

  3. Click the blue "plus sign" button to add a key.

  4. Enter a descriptive name for the key.

  5. Paste the public key into the SSH Key field.

    Screenshot of Add SSH Key screen in the Vultr customer portal

  6. Click the Add SSH key button to create an SSH key.

The SSH key will be added, and you'll be able to select this SSH key in the SSH Keys section while launching a new server.

More Information

For more information, see our other guides:


Was this answer helpful?
Back

Powered by WHMCompleteSolution