ssh management

Preparing ssh access to VMs

Access to the virtual machines you’re about to create is by ssh key. The principle is simple: the private key remains on your workstation and the associated public key is added to the list of keys authorized to connect. If you’ve never connected via ssh, you’ll need to generate a key pair. If you already have a key pair, you can use it.

We recommend that you generate one or more dedicated key pairs, scoped to one of the following:

  • the NOVA platform
  • each project
  • each virtual machine instance

Creating a key pair

The minimum level of security is a passphrase-protected 4096-bit RSA key, used together with an ssh agent so that you don’t have to type in the passphrase for every command.

ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/noemie/.ssh/id_rsa):

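Enter a name for the key pair, for example id_rsa_nova. ssh-keygen treats a bare file name as relative to the current directory, so run the command from the .ssh/ folder or enter the full path to have the keys created there.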

You will then be prompted twice for a passphrase to protect the private key.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa_nova.
Your public key has been saved in id_rsa_nova.pub.
The key fingerprint is:
SHA256:q+zRYSQS1dBU0iEuy6Vs1IhqBwtiiNQeBKuZMV/+U4A noemie@noemie-HP-EliteBook-820-G3
The key's randomart image is:
+---[RSA 4096]----+
| o+...o=+oo.     |
|+ .o + +oo.      |
|Boo E * =        |
|+B B = O         |
|+ = o * S        |
| . . o + o       |
|      + o        |
|     . +         |
|     .+          |
+----[SHA256]-----+

Congratulations, you’ve just created a key pair (id_rsa_nova, id_rsa_nova.pub).
The keys are generated in the hidden folder .ssh/ at the root of your home directory.
The private key, id_rsa_nova, proves your identity and must not be divulged under any circumstances.
The public key, id_rsa_nova.pub, is the one that will be used when creating virtual machines to enable ssh access to the default account.
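
To check that an existing key pair meets the minimum described above, the following script can be used. It is an added example, not part of the original documentation; the function name audit_key and the file name audit_key.sh are assumptions, and it requires OpenSSH's ssh-keygen. Key types other than RSA are flagged because this page only names RSA 4096.

```sh
#!/bin/sh
# Added example: audit a key pair against the minimum stated on this page
# (RSA, 4096 bits, passphrase on the private key, owner-only private file).

# audit_key PRIVATE_KEY: prints one line per finding.
# Returns 0 if every check passes, 1 if one fails, 2 if the key is unreadable.
audit_key() {
    key=$1
    pub=$key.pub
    rc=0
    if [ ! -f "$key" ] || [ ! -f "$pub" ]; then
        echo "ERROR: $key or $pub not found"
        return 2
    fi

    # "ssh-keygen -l" prints: <bits> <fingerprint> <comment> (<TYPE>)
    info=$(ssh-keygen -l -f "$pub") || return 2
    bits=${info%% *}
    type=${info##*\(}
    type=${type%\)}
    if [ "$type" = RSA ] && [ "$bits" -ge 4096 ]; then
        echo "OK:   $type $bits bits"
    else
        echo "FAIL: $type $bits bits, not RSA >= 4096"
        rc=1
    fi

    # Group/other permission bits (columns 5-10 of ls -l) must all be clear;
    # OpenSSH refuses to load a private key that other users can read.
    if [ "$(ls -ldL "$key" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $key is accessible to group or others (chmod 600)"
        return 1
    fi
    echo "OK:   private key file is owner-only"

    # With an empty passphrase (-P ""), deriving the public key (-y) succeeds
    # only if the private key is stored unencrypted.
    if ssh-keygen -y -P "" -f "$key" >/dev/null 2>&1; then
        echo "FAIL: private key has no passphrase"
        rc=1
    else
        echo "OK:   private key is passphrase-protected"
    fi
    return $rc
}

# Usage: sh audit_key.sh ~/.ssh/id_rsa_nova
if [ $# -gt 0 ]; then audit_key "$1"; fi
```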

ssh agent

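If you don’t want to enter the passphrase every time you connect to an instance, you can use the ssh-agent.
Load the key into the agent with the ssh-add command, which asks for the passphrase once. Without an argument, ssh-add loads the default key files such as .ssh/id_rsa; give the path of the key as an argument to load a key stored under another name.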

ssh-add
Enter passphrase for /home/<nom_utilisateur>/.ssh/id_rsa: 
Identity added: /home/<nom_utilisateur>/.ssh/id_rsa (/home/<nom_utilisateur>/.ssh/id_rsa)