Skip to main content
Create and host an SSH key on a cloud server
Last update:

Create and host an SSH key on a cloud server

SSH keys can be used to securely connect to a server using the encrypted SSH protocol. It is a pair of keys: the private key is stored on the local computer and the public key is placed on the server.

We recommend using SSH keys instead of login and password to authenticate to the cloud server.

You can use SSH keys of types ed25519, rsa, ecdsa, and dsa. Learn more about SSH keys for the user.

  1. Create an SSH key pair.

  2. Optional: add a public SSH key to the user profile.

  3. Place a public SSH key on the cloud server.

1. Create an SSH key pair

You can create SSH keys in two ways:

Create a pair of SSH keys using OS tools

  1. Open the CLI.

  2. Generate a pair of SSH keys:

    ssh-keygen -t <key_type>

    Specify <key_type> — SSH key type: ed25519, rsa, ecdsa or dsa

  3. A message will appear asking you to select a directory to store the key pair — an example for an RSA key:

    Enter file in which to save the key (~/.ssh/id_rsa):

    To leave the default directory for storing keys, press Enter. If you want to select a different directory, enter it in the format /path/to/id_rsa and press Enter.

  4. Optional: enter a passphrase for additional security, repeat the passphrase and press Enter:

    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
  5. Wait for the message that the keys have been generated. Two files will be created: id_rsa (private key) and id_rsa.pub (public key). The terminal will display the key fingerprint and its image:

    Your identification has been saved in ~/.ssh/id_rsa
    Your public key has been saved in ~/.ssh/id_rsa.pub
    The key fingerprint is:
    The key's randomart image is:
  6. Output the public SSH key:

    cat <path>

    Specify <path> is the full path to the public key you specified in step 3, for example ~/.ssh/id_rsa.pub.

Create an SSH key pair through the OpenStack CLI

The SSH key will only be available to the single service user, project, and pool for which you have configured authorization in the OpenStack API.

When generating SSH keys through the OpenStack CLI, the public key is automatically added to the user's profile.

  1. Open the OpenStack CLI.

  2. Generate a pair of SSH keys:

    openstack keypair create <key_name> --private-key <file_for_key>

    Specify:

    • <key_name> — key name;
    • <file_for_key> — file that will store the private SSH key on the local computer.

2. Optional: add a public SSH key to the user profile

You can add a public SSH key to your profile or to another user's profile. Then place the key on the server when creating it or on an existing server.

The key will be available in all projects to which the user has been added.

If you generated an SSH key pair through the OpenStack CLI, the public key was automatically added to the user profile.

  1. In the control panel, on the top menu, click Account.

  2. Go to the Access section.

  3. Open the SSH keys tab.

  4. Click Add Key.

  5. Enter the name of the key.

  6. Insert a public SSH key in OpenSSH format.

  7. Click Add.

3. Host a public SSH key on a cloud server

You can place a public SSH key when you create a cloud server or on an existing server.

To access the cloud server via SSH, you need to add a public SSH key to the ~/.ssh/authorized_keys file on the server. You can add multiple keys, for example, if you need access for multiple users.

You can place public SSH keys on an existing server using a utility or manually.

The utility adds the public SSH key to the end of the ~/.ssh/authorized_keys file. The command used creates the directory and file if they are not already created.

  1. Open the CLI on the local computer.

  2. Copy the public SSH key to the cloud server:

    ssh-copy-id -i <path> <username>@<ip_address>

    Specify:

    • <path> — the full path to the public key on the local computer, e.g. ~/.ssh/id_rsa.pub;
    • <username> — username;
    • <ip_address> — public IP address of the server.
  3. Enter the user's password.

SSH keys for the user

How to add a key to a user profile
  • Self: in the control panel, in the top menu, click AccountAccessSSH keys tab ;
  • to another user: in the control panel, in the top menu, click AccountUsers or Service Users → User page ;
  • will be added automatically when SSH keys are created through the OpenStack CLI ( openstack keypair create command );
  • through the API;
  • through Terraform;
  • through the selvpc CLI
How to host on a cloud server when creating a server
  • Through the OpenStack CLI ( openstack server create command);
  • through the API;
  • through Terraform
For which users is it availableFor one user of any type
In which projects is it availableIn all projects to which a user has been added
What pools are available in
  • Available in all pools if added in the control panel under AccountUsers → tab with the desired user type → user page;
  • is available only in pools to which it was added via OpenStack CLI, API, Terraform, selvpc CLI
Where can I see the list of keys
  • Your own: in the control panel, in the top menu, click AccountAccessSSH keys tab;
  • other users: in the control panel in the top menu, click AccountUsers or Service Users → User page;
  • through the OpenStack CLI ( openstack keypair list command);
  • through the API;
  • through Terraform;
  • through the selvpc CLI