Articles on: Security & Access

SSH Key Management

This guide explains how to create, manage, and use SSH keys for secure access to your Gozunga Cloud instances.

Understanding SSH Keys

SSH keys provide a secure way to access your cloud instances without passwords. They consist of:

  • Public Key: Uploaded to your instances
  • Private Key: Kept securely on your local machine

Creating SSH Keys

On Linux/macOS

# Generate ed25519 key (recommended)
ssh-keygen -t ed25519 -C "your_email@example.com"

# Generate RSA key pair
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

On Windows

  1. Using PowerShell
# Generate SSH key
ssh-keygen -t ed25519 -C "your_email@example.com"

  1. Using PuTTYgen
  • Launch PuTTYgen
  • Select key type (RSA or ed25519)
  • Click "Generate"
  • Move mouse for randomness
  • Save both public and private keys

Adding SSH Keys to Gozunga Cloud

  1. Via Web Portal
    • Log in to Gozunga Cloud Portal
    • Navigate to Access → SSH Keys
    • Click "Add SSH Public Key"
    • Paste your public key
    • Give it a descriptive name

  1. Via OpenStack CLI
openstack keypair create --public-key ~/.ssh/id_ed25519.pub my-key-name

Managing SSH Keys

Key Best Practices

  1. Security
    • Keep private keys secure
    • Use strong passphrases
    • Never share private keys
    • Regular key rotation

  1. Organization
    • Use descriptive key names
    • Document key usage
    • Remove unused keys
    • Maintain key inventory

Using SSH Keys

  1. Linux/macOS Connection
# Basic connection
ssh -i ~/.ssh/private_key username@instance_ip
  
# Add to SSH config
cat >> ~/.ssh/config << EOF
Host gozunga-instance
    HostName instance_ip
    User username
    IdentityFile ~/.ssh/private_key
EOF
  
# Then connect using
ssh gozunga-instance

  1. Windows Connection
# PowerShell
ssh -i C:\Users\YourUser\.ssh\private_key username@instance_ip

  1. PuTTY
# Load saved session with configured key


Troubleshooting

Common Issues

  1. Permission Errors
# Fix private key permissions
chmod 600 ~/.ssh/<private_key_filename>

  1. Key Not Working
  • Verify key is added to instance
  • Check key permissions
  • Confirm correct username
  • Verify instance security groups

Instance Access

  1. First Time Setup
# Add key to agent
ssh-add ~/.ssh/private_key
  
# Test connection
ssh -v username@instance_ip

  1. Multiple Keys
# Specify key explicitly
ssh -i ~/.ssh/specific_key username@instance_ip
  
# Use ssh-agent
ssh-add -l  # List loaded keys

Security Recommendations

Key Management

  1. Regular Maintenance
    • Audit key access
    • Remove old keys
    • Update weak keys
    • Document key owners

  1. Emergency Procedures
    • Key revocation process
    • Backup access methods
    • Incident response plan

Automation

  1. Deployment Scripts
#!/bin/bash
# Example key deployment script
KEY_NAME="new-key-$(date +%Y%m%d)"
ssh-keygen -t ed25519 -f ~/.ssh/$KEY_NAME -N ""
openstack keypair create --public-key ~/.ssh/${KEY_NAME}.pub $KEY_NAME

  1. Key Rotation
#!/bin/bash
# Example key rotation script
OLD_KEY="old-key-name"
NEW_KEY="new-key-name"
openstack keypair delete $OLD_KEY
ssh-keygen -t ed25519 -f ~/.ssh/$NEW_KEY -N ""
openstack keypair create --public-key ~/.ssh/${NEW_KEY}.pub $NEW_KEY


Updated on: 20/01/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!