How Do I Configure an SSH Key for Logging In to a Managed Host?

A CBH system allows you to configure SSH keys for logging in to managed hosts. After an SSH key is configured for a host, the SSH keys are verified preferentially.

Generating an SSH Key

Generate an SSH authentication key.

ssh-keygen –t rsa

The command output is as follows:

[root@Server ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.

You can configure the SSH key file name and password as required. The following is an example of the command output:

Enter file in which to save the key (/root/.ssh/id_rsa): Leave this parameter blank or enter the name of the file to be generated. The file is saved in the /root/.ssh directory.
Enter passphrase (empty for no passphrase): Leave this parameter blank or enter a password as required.
Enter same passphrase again: Confirm the password.
Your identification has been saved in /home/fdipzone/.ssh/id_rsa.
Your public key has been saved in /home/fdipzone/.ssh/id_rsa.pub.
The key fingerprint is: f2:76:c3:6b:26:10:14:fc:43:e0:0c:4d:51:c9:a4:b2 root@Server
The key's randomart image is:
+--[ RSA 2048]----+
|    .+=*         |
|  .  += +        |
|   o   +         |
|  E . . o        |
|    .S.          |
|      .o .       |
|       . +       |
|       ..        |
|       . +.      |
+-----------------+

-t rsa indicates that the RSA algorithm is used for encryption. DSA algorithm can also be used, and the command is as follows:

ssh-keygen -t dsa

Run the following command to view the SSH key file:
cd /root/.ssh (directory for storing files)/

In the directory where the SSH key file of the current user is stored, view the generated private key file id_rsa and public key file id_rsa.pub. After the password is configured, you can also view the private key password key and public key password key.pub.

Information similar to the following is displayed:
```
[root@Server ~]# cd /root/.ssh/
[root@Server ~]# ll
total 16
-rw------- 1 root root    0 Oct 14 15:47 authorized_keys
-rw------- 1 root root 1679 Nov 15 09:45 id_rsa
-rw------- 1 root root  430 Nov 15 09:45 id_rsa.pub
-rw------- 1 root root 1766 Nov 15 09:48 key
-rw------- 1 root root  430 Nov 15 09:48 key.pub
```
In the /.ssh directory of the current user, run the following command to copy the public key content to the authorized_keys file:
cat id_rsa.pub >>authorized_keys
Enable the SSH key login authentication.
1. Run the following command and modify the sshd_config configuration file for RSAAuthentication and PubkeyAuthentication to take effect and authorize SSH key authentication:
  vim /etc/ssh/sshd_config
2. Press Esc, enter :wq!, and press Enter to save the modification and exit.
3. Run the following command to restart the SSHD service:
  service sshd restart
  
  The process is successfully restarted if the following command output is displayed.
```
Redirecting to /bin/systemctl restart sshd.service
```

Configuring SSH Key Information

Log in to the CBH system.
Choose Resource > Host. On the displayed page, create a host resource for which an SSH key has been generated.

You can click Manage to add an account for the managed host on the host details page.
Click New to create the SSH host resource, and configure the host Account and Password on the Add Account page.
Copy the content of the id_rsa private key file and the private key password, and configure SSH Key and passphrase.
passphrase is optional. If passphrase is not configured:
- You do not need to enter the password for logging in to the host when no private key password is generated.
- You need to enter the private key password each time you log in to the host when the private key password is generated.
Click OK to add an account with the SSH key configured to the host resource.
- When importing host resources in batches, enter the correct SSH key private key and passphrase. Do not enter unnecessary characters or spaces.
- You are advised to configure only the host account and password for host resources to be imported in batches. After the host resources are imported to the CBH system, change the account and add the private key and password.
Configure ACL rules.
Grant the host account configured with the SSH key to users.
Log in to the host as an authorized user.

Parent topic: System Configuration

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot