How to work with SSH keys

1 SSH keys to create and access VMs in public cloud
2 Generate a basic key pair for private cloud
3 Generate a key pair for public cloud
4 Add your public key to Abiquo

This page describes how to obtain an SSH key for public cloud and how to add it to your user Abiquo account.

SSH keys to create and access VMs in public cloud

To access your VMs in public cloud providers, you must have an RSA key pair. See your cloud provider documentation for more details. For example, for AWS, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstances.html.

When you deploy a VM, Abiquo launches it in the provider with a key pair. To connect to the VM, you will need the private key file of the key pair that you selected when you launched the instance.

Abiquo stores a public key for a user and automatically adds it to VMs at deploy time. The user must keep the corresponding private key in a safe place and use it to access the VM.

Generate a basic key pair for private cloud

On Linux you can create a basic RSA key for SSH in a test environment in Linux using the following command.

ssh-keygen -t rsa
ssh-add id_rsa

By default the keys will be saved in a folder such as ~/.ssh and the public key in a file such as ~/.ssh/id_rsa.pub.

Generate a key pair for public cloud

When you generate a key pair for public cloud, you should use a pass phrase. In some cloud providers you can use a key pair that the cloud provider generates for you.

Provider	Documentation

Provider	Documentation
AWS	http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/generating-a-keypair.html
Azure	https://learn.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-keys-detailed
GCP	https://cloud.google.com/compute/docs/connect/create-ssh-keys
OCI	https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/compute-iaas/generating_ssh_key/generate_ssh_key.html

Generally, for AWS and Azure, you could use a 4096 bit RSA key in PEM format, which for Linux and Mac you can generate with a command like this one.

ssh-keygen -m PEM -t rsa -b 4096

For GCP and OCI, you can use a 2048 bit RSA key, which you could generate with a command like this one.

ssh-keygen -b 2048 -t rsa

Add your public key to Abiquo

To save a public key in Abiquo:

Edit an Abiquo user with one of these two ways to edit a user:
- In Users view, by selecting the enterprise name, then the user and clicking the edit button OR
- If allowed in your installation, cloud users can edit their own user details by clicking on the user icon in the bottom left-hand corner of the screen
Go to the Advanced tab and enter the RSA public key for the user
The user should keep the private key in a safe place and supply it to access their VMs