
What is Server Login Control?

Background Information

Prior to the December 17, 2009 release, SSH access was granted on a per-account basis, where users of a RightScale account could use the same cloud SSH keys to log into instances. In that release, RightScale introduced the new Server Login Control feature, which provides per-user SSH access control based on a new user role and a private SSH Key Pair that you can either manage yourself or that RightScale can manage for you.

As of the May 23, 2013 release, account holders can mandate that every user within an account manage their own SSH Key Pair. This stops RightScale from managing a user's SSH Key Pair by default. For more information on how to enable this feature, see Enable Mandatory Server Login Control.

 

Answer

The Server Login Control feature allows you to use a private SSH Key Pair instead of using your cloud SSH keys for shell access. SSH Key Pairs are unique for each user and are used across all RightScale accounts. To view your Server Login Control settings, go to Settings > User Settings > SSH tab.

By default, RightScale manages your login credentials for you. If you keep this option, RightScale generates a private key pair for you. Only your public key is displayed (read-only), while your private key is stored in our database.

The other option is to use your own key pair and manage your credentials yourself. You need to provide your public key and the path on your local machine (relative to your home directory, e.g. .ssh/id_rsa) where your private key will be stored. This option ensures that only a logged-in user on a machine that has the appropriate private key stored locally can SSH into an instance. RightScale uses your private key to authenticate SSH access, so if the private key file cannot be found, you cannot SSH into an instance. If you are using multiple computers to manage your account, you must put the private key in the same location on all computers.
 

Requirements for using Server Login Control

In order to use the Server Login Control feature, you must have the following:

  • The 'server_login' and 'server_superuser' roles if you are running RightImage 5.7 or lower (both roles must be enabled to be able to SSH into a server). If you are running 5.8 or newer, you can have both roles enabled, as with 5.7 and lower, or you can have either 'server_login' (which allows you to log in as the user of the account without root access) or 'server_superuser' (which allows you to log in to the server as root). For more information, see RightScale Account and User Management.
  • An understanding of Server Login Control
  • Server instances must be using RightImage v5.1.1 or newer
  • The Server Login Control feature must be enabled on the RightScale account (default)

 

Controlling User Access with Server Login Control

An 'admin' user can use the Server Login Control feature and user roles to control who can SSH into server instances. For example, a system administrator can grant some users the ability to launch/terminate servers ('actor'), but not SSH into them. Conversely, other users might only have 'server_login' privileges so they can SSH into a server for auditing and troubleshooting purposes even though they can't actually launch/terminate a server. Additionally, other users can have 'server_superuser' if they require root access to a server.
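
The role rules from the requirements list and the paragraph above, written as an access check an admin could run over a list of role grants. This is an added example, not RightScale code: the function names, the return labels and the sample grants are constructed for illustration, and the label "ssh" for RightImage 5.7 and lower means only that the page says SSH is possible there, without stating which account is used.

```python
LOGIN, SUPER = "server_login", "server_superuser"

def parse_version(text):
    """'v5.1.1' -> (5, 1, 1); '5.8' -> (5, 8)."""
    return tuple(int(part) for part in text.lstrip("vV").split("."))

def ssh_access(roles, rightimage, slc_enabled=True):
    """Return 'none', 'ssh', 'user' or 'root' for one user on one image."""
    roles = set(roles)
    version = parse_version(rightimage)
    padded = version + (0,) * (3 - len(version))
    # Requirements: feature enabled on the account, RightImage v5.1.1 or newer.
    if not slc_enabled or padded < (5, 1, 1):
        return "none"
    # RightImage 5.7 and lower: both roles are needed to SSH at all.
    if version[:2] <= (5, 7):
        return "ssh" if {LOGIN, SUPER} <= roles else "none"
    # RightImage 5.8 and newer: either role is enough on its own.
    if SUPER in roles:
        return "root"
    return "user" if LOGIN in roles else "none"

def audit(grants):
    """Flag grants that have no effect and grants that allow root login."""
    findings = []
    for user, roles, image in grants:
        access = ssh_access(roles, image)
        if access == "none" and {LOGIN, SUPER} & set(roles):
            findings.append((user, "SSH role granted but login not possible"))
        elif access == "root":
            findings.append((user, "root login allowed"))
    return findings

# Constructed sample grants: (user, roles, RightImage version).
SAMPLE_GRANTS = [
    ("alice", {"actor"}, "5.8"),
    ("bob", {LOGIN}, "5.8"),
    ("carol", {LOGIN, SUPER}, "5.8"),
    ("dave", {LOGIN}, "5.7"),
    ("erin", {LOGIN, SUPER}, "5.1.0"),
    ("frank", {LOGIN, SUPER}, "5.6"),
]

if __name__ == "__main__":
    for user, finding in audit(SAMPLE_GRANTS):
        print(f"{user}: {finding}")
```
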

 

Mandatory Server Login Control

Managers of an account can require that all users must manage their own key pairs instead of RightScale managing them by default. To enable this, see Enable Mandatory Server Login Control.

 

Last modified
12:41, 24 May 2013



© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.