Table of Contents
SSH keyring management
In order to simplify access during the creation of servers or instances, we provide you with a way to manage your SSH keyring via your Gandi interface.
To use this feature, start by logging into our website and going to the “Account Management” tab, and then “SSH keys” which you will see on the right. You will then be provided with an interface that you can use to add or delete your public SSH keys.
Key generation
- Linux : To generate a pair of keys (public/private), you can use the tool provided with OpenSSH (“ssh-keygen'” available by default under Linux) with the following command:
ssh-keygen
.
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/example_rsa. Your public key has been saved in /home/user/.ssh/example_rsa.pub. The key fingerprint is: eb:79:fb:3f:15:ff:3a:04:dd:46:74:3b:da:a2:2b:9b alex@jbim The key's randomart image is: +--[ RSA 2048]----+ | .o| | +| | . = | | . +.+| | S + oo| | . . o o| | . . . ..| | . oo . o .| | oE++..o+ | +-----------------+
By default, the keys are placed in the .ssh subdirectory in your home directory.
$ ls ~/.ssh/ authorized_keys id_rsa id_rsa.pub known_hosts
- Windows : You can use the 'PuttyGen' generator that can be downloaded on this page
The .pub file is your public key, it is the one that must be added to your keychain. The id_rsa
file contains your private key, which muse NEVER be communicated. Only the public key must be sent to a server or an instance!
Adding a key to your keychain
We are now going to add the key to our keychain. We must first, however, recover the key's content:
$ cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ReoJ3g7inzFkE3EazHf8R9ypx6WOonQbbT43/n0PCUU6/7MZgv3GK7lNkwV4L+oaTLm5cjVDLwpiWrkFZtOpekv+gkxqwIFT8R+AeHbNbIov3An/WZXOxJmgIm/p8cdiHtgA0wsJydol9OOHDdd/g+oRy0OG8U6zk/3Wtme7EZBLqGfBMjrnJBacHM65RyIzDnuwN0ejSX3GvtMoqIkWLpbaCFotR23fhs1hz4q6fZZctNGNG/6pzap9QOn8WHV6B+F4/N1I4Pk4QAeUOoC5UXkwNAinhSYPitwFlqmM3IU/spkzUedJc6uZp4lZ+Fl1VE9YKYjuAvu904PhSp2r alex@jbim
Next, to add it, go to the following address and click on “Add an SSH key” and copy and paste the contents of your SSH key where prompted:
You can add as many keys as you want to your keyring:
Deployment of the SSH key on an instance
During the creation of the instance
During the creation of the instance, you have the possibility of deploying an SSH key:
- By choosing a key that is already present in your keyring,
- By indicating the SSH key directly in the corresponding field (with the possibility of adding it to the keyring)
On an existing instance
To easily deploy a key on a pre-existing instance, go to the instance's control panel, and then in the “Access” table, click on “Add” that you see to the right of “SSH keys”:
A popup will then appear, where you can either add a key that is already present in your keyring or add a new one:
Deployment of an SSH key on a server
To deploy an SSH key from your keyring to a new server, proceed with the creation of the server as usual, and then in the “Connection parameters” section, you will be able to:
- Select an existing SSH key from your keyring,
- Add a key that is not present in the keyring, and then add it automatically to the keyring afterwards.