SSH Keys

DreamCompute utilizes ssh keys for accessing your instances, instead of using passwords alone. This is done for increased security and simplifies managing users for OpenStack (the public key is injected into the instance at boot). This prevents needing to modify files or passwords on the operating system on startup.

SSH keypairs are managed on the | Access & Security - Keypairs section of the dashboard.

SSH Key Components
There are two parts to an SSH key: a private key and a public key. The private key is known only to you and should be safeguarded. On unix-based systems such as Mac and Linux, the private key is generally stored in:

/home/myuser/.ssh/id_rsa

The public key can be shared with any server that you would like ssh access to. Similarly, the public key will be stored in:

/home/myuser/.ssh/id_rsa.pub

SSH keys generated on Windows systems using the | PuTTY key generator (puttygen.exe) are not stored in a uniform location, but instead where the user chooses to save them.

Create a new SSH key
The first step is to make sure you have an ssh key to use. If you are not sure or don't have one, skip to Create and import a new SSH key in the dashboard. Alternatively, you can create a key yourself with the below methods.

via puttygen.exe
This program can be downloaded from the | PuTTY website. After running the program, click on the "generate" button, and follow the instructions to generate random data. When complete, you can click the "save public key" and "save private key" buttons to save your two separate files in a safe location.

Here is an example of the puttygen.exe program:



via ssh-keygen
This program can be found on Mac, linux and other unix-based operating systems. When ran, it will ask for the file to save to (hit enter for the recommended default), and then asks for a passphrase. You can press enter twice to not have a password, or enter one for additional security. The output looks like this:

$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/myuser/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/myuser/.ssh/id_rsa. Your public key has been saved in /home/myuser/.ssh/id_rsa.pub. The key fingerprint is: 66:d9:a4:f0:8d:0b:72:93:b8:67:2e:af:f6:91:ce:e3 myuser@mycomputer The key's randomart image is: +--[ RSA 2048]+ |                | |                 | |      .   .      | |     . + B       | |   o = S o      | |    + * .       | |    . = .        | |    o*.. | |  ..*E. | +-+

Checking For An Existing Key
For a Windows system, there isn't an easy way to find where keys were generated or stored. The private key is saved with the .ppk file extension, but the public doesn't have a default. You could search your system for .ppk files and perhaps find your public key in the same location.

On Mac and Linux systems, you can check in the above described location:

$ ls ~/.ssh/id_rsa* /home/myuser/.ssh/id_rsa /home/myuser/.ssh/id_rsa.pub

Create and import a new SSH key in the dashboard
The easiest way to generate a key is to have DreamCompute generate one for you. You can do this by going to the DreamCompute | Access & Security - Keypairs dashboard. On the top right, click the "Create Keypair" button, give the key a name, and click "Create Keypair". Your browser will start downloading the private key in a file called $NAME.pem, where $NAME is the given name. Save this file for later user as your id_rsa private key file.

Import an Existing Key
Find the public key file, and open it to copy its contents. Next, go to the DreamCompute | Access & Security - Keypairs dashboard and click on "Import Keypair". Give it a name and paste in the contents of your public key, then click "Import Keypair" to save it.

Connect to your instance with ssh keys
Once you have your SSH key created and imported into the dashboard, you can go ahead and create your instances making sure to select the keypair on the "Access & Security" tab of the instance creation screen. For ssh to work, it will also require that port 22 has been opened in your selected security group in the DreamCompute | Access & Security - Security Group dashboard.

Using Windows
A common program for ssh on windows is | PuTTY or | putty-nd. When you run the program, navigate to the Connection -> SSH -> Auth setting page, and click the "browse" button near the "Private key file for authentification" field. Select the private key you generated, then click open. You can now navigate to the "Session" setting page, and enter into the host name field "dhc-user@" followed immediately by your instance's public ip address. Click Open to start your session.

Using Mac & Linux
On unix based systems, the key will need to setup first. There are several ways to do this:


 * Configure as your main key
 * Copy the key or .pem file to your home directory, to the ~/.ssh/id_rsa file.


 * Configure as an alternative key
 * Copy the key or .pem file to a safe place, and then edit our ~/.ssh/config file to add this so that connections to that specific host will use this alternate key.

Host IPADDRESS IdentityFile ~/path/to/key


 * No configuration, specifying the key on the command line
 * Connect via ssh -i ~/path/to/key dhc-user@IPADDRESS

after you have your keys setup, you can use ssh directly to connect to your instances like so:

$ ssh dhc-user@IPADDRESS Welcome to Ubuntu 12.04.2 LTS (GNU/Linux 3.5.0-23-generic x86_64) dhc-user@webserver-frontend:~$