Articles on: Security & Access

SSH Key Management

This guide explains how to create, manage, and use SSH keys for secure access to your Gozunga Cloud instances.

Understanding SSH Keys



SSH keys provide a secure way to access your cloud instances without passwords. They consist of:
- Public Key: Uploaded to your instances
- Private Key: Kept securely on your local machine

Creating SSH Keys



On Linux/macOS


# Generate ed25519 key (recommended)
ssh-keygen -t ed25519 -C "your_email@example.com"

# Generate RSA key pair
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"


On Windows


Using PowerShell
# Generate SSH key
ssh-keygen -t ed25519 -C "your_email@example.com"


Using PuTTYgen
- Launch PuTTYgen
- Select key type (RSA or ed25519)
- Click "Generate"
- Move mouse for randomness
- Save both public and private keys

Adding SSH Keys to Gozunga Cloud



Via Web Portal
- Log in to Gozunga Cloud Portal
- Navigate to Access → SSH Keys
- Click "Add SSH Public Key"
- Paste your public key
- Give it a descriptive name

Via OpenStack CLI
openstack keypair create --public-key ~/.ssh/id_ed25519.pub my-key-name


Managing SSH Keys



Key Best Practices


Security
- Keep private keys secure
- Use strong passphrases
- Never share private keys
- Regular key rotation

Organization
- Use descriptive key names
- Document key usage
- Remove unused keys
- Maintain key inventory

Using SSH Keys



Linux/macOS Connection
# Basic connection
ssh -i ~/.ssh/private_key username@instance_ip
  
# Add to SSH config
cat >> ~/.ssh/config << EOF
Host gozunga-instance
    HostName instance_ip
    User username
    IdentityFile ~/.ssh/private_key
EOF
  
# Then connect using
ssh gozunga-instance


Windows Connection
# PowerShell
ssh -i C:\Users\YourUser\.ssh\private_key username@instance_ip


PuTTY
# Load saved session with configured key


Troubleshooting



Common Issues



Permission Errors
# Fix private key permissions
chmod 600 ~/.ssh/<private_key_filename>


Key Not Working
- Verify key is added to instance
- Check key permissions
- Confirm correct username
- Verify instance security groups

Instance Access



First Time Setup
# Add key to agent
ssh-add ~/.ssh/private_key
  
# Test connection
ssh -v username@instance_ip


Multiple Keys
# Specify key explicitly
ssh -i ~/.ssh/specific_key username@instance_ip
  
# Use ssh-agent
ssh-add -l  # List loaded keys


Security Recommendations



Key Management


Regular Maintenance
- Audit key access
- Remove old keys
- Update weak keys
- Document key owners

Emergency Procedures
- Key revocation process
- Backup access methods
- Incident response plan

Automation


Deployment Scripts
#!/bin/bash
# Example key deployment script
KEY_NAME="new-key-$(date +%Y%m%d)"
ssh-keygen -t ed25519 -f ~/.ssh/$KEY_NAME -N ""
openstack keypair create --public-key ~/.ssh/${KEY_NAME}.pub $KEY_NAME


Key Rotation
#!/bin/bash
# Example key rotation script
OLD_KEY="old-key-name"
NEW_KEY="new-key-name"
openstack keypair delete $OLD_KEY
ssh-keygen -t ed25519 -f ~/.ssh/$NEW_KEY -N ""
openstack keypair create --public-key ~/.ssh/${NEW_KEY}.pub $NEW_KEY

Updated on: 20/01/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!