Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > FAQs > How Do I Access Servers Using SSH?

How Do I Access Servers Using SSH?

Background Information

This article describes how to connect to a running Linux server using an SSH session with RightScale-managed SSH Keys.

The steps required to set up an SSH connection differ depending on whether you launch your SSH session from within or outside of the RightScale Dashboard, as described below.

Note: If you are using a Windows instance, see RDP into a Server.


Answer

General Best Practices

If the cloud supports the use of SSH Keys (for example, EC2) you should hide the private key material of all ssh keys from non-Admin users.

SSH Inside of the RightScale Dashboard

The easiest way to SSH into your machines is to use the integrated SSH feature available from the Dashboard.

Note: You must have "server_login" user role privilege in the RightScale account in order to see the SSH icon/button. 

To start your SSH session, click the terminal icon File:15-References/Tables/Dashboard_Icons/icons_ssh.gif next to the instance that you want to access. Your user settings determine your SSH preferences. For example, you can navigate to Settings > User Settings > SSH and select your SSH client preference:

screen-new-SSH-config_v1.png

 

 

screen-ClickSSH-v1.png

 

Note: More information on setting up a native SSH client to work with the RightScale Dashboard is available in the article titled How do I configure my native SSH client to work with RightScale?.

SSH Outside of the RightScale Dashboard

The following sections describe how to SSH into an instance using a third party SSH client installed on your machine without launching the SSH session from the RightScale Dashboard. Procedures for using PuTTY on a Windows PC are presented as well as procedures for using SSH from a UNIX, Linux, or Mac OSX terminal application.

Windows - Using PuTTY

If you need to SSH into your instances from a Microsoft Windows machine outside of the RightScale Dashboard, we recommend using PuTTY, a widely used free telnet client. Use the following steps to install PuTTY and configure it for use with RightScale-managed servers outside the RightScale Dashboard.

 

Install the PuTTY Client and Download Private Key from RightScale

First, you need to install the PuTTY client on your Windows PC workstation and download your private SSH key from RightScale.

  1. Browse to PuTTY's main page and click the link to download Putty.
  2. On the PuTTY download page, locate and click the Windows installer package and save it to your local drive. (e.g., putty-0.63-installer.exe)
  3. Run the PuTTY installer by double-clicking it.
  4. Login to the RightScale Cloud Management Portal (https://my.rightscale.com) and choose Settings > SSH.

 

screen-settings-ssh_v1.png

 

  1. On the SSH tab view click Download Private Key and select Save File.

 

screen-download-private-key_v1.png

 

  1. Browse to a location on your local drive where you want to save the private key material and click OK. Take note of where you save the file and make sure it is in a safe and secure directory that only you have access to.

Note: The behavior of the Download Private Key link may differ depending on your browser version and settings. For example, some browsers may automatically save the private key file to the default downloads folder on your PC (e.g., c:\Users\<username>\Downloads). The graphic provided above illustrates the behavior when using the Firefox browser.

 

Convert Private Key to PuTTY-Friendly Format

Now that you have the private key material stored on your local drive, you need to convert it to a format that PuTTY and can understand. By default, the key is generated by RightScale in openSSH format so it must be converted using PuTTYgen before it can be used in PuTTY.

  1. On your workstation, go to Start > All Programs > PuTTY > PuTTYgen.

 

screen-launch-puttygen.png

 

  1. In the PuTTY Key Generator, open the Conversions menu and select Import Key.

 

screen-puttygen-import-key_v1.png

 

  1. Browse to the location where you saved the private key, select it, and click Open. The private key material is loaded and formatted in the key generator.

 

screen-puttygen-load-key_v1.png

 

  1. Click Save Private Key, then click Yes when prompted to save the key without a passphrase.

 

screen-puttygen-save-key_v1.png

 

  1. Enter a meaningful name for the generated key, browse to a location where you want to store the key and click Save. Your generated key will be saved with the *.ppk extension.

 

screen-puttygen-save-key-2_v1.png

 

  1. Close the PuTTY Key Generator.

 

Configure PuTTY to Use SSH Key-based Authentication

There are two ways in which you can configure PuTTY to use the generated key:

  • By pointing to the location of the key in the Auth Options where it will become the default.
  • By loading individual keys as you need them using PuTTY's SSH authentication agent Pageant.

The first option is simpler as you do not need to load individual keys, but you are limited to using one key at a time until you update the setting in Auth Options. The second option is more flexible but requires that you select and load a key on every startup of the Pageant application. Both options are described here for your reference, but you can elect to use whichever option you prefer.

 

Option 1 - Using PuTTY Auth Configuration

  1. From your Windows workstation, launch the PuTTY client from Start > All Programs > PuTTY > PuTTY.
  2. Under the Connection category, select SSH > Auth.

 

screen-putty-config-auth-option-1_v1.png

 

  1. Click Browse and navigate to the location of the key you generated using PuTTYgen.

 

screen-putty-config-auth-option-2_v1.png

 

  1. Select the key and click Open.

 

screen-putty-config-auth-option-3_v1.png

 

  1. Once the key is loaded, select the Session category then select Default Settings in the Saved Sessions list and click Save. This will save the current PuTTY settings as a default session.

 

screen-putty-save-default-session_v1.png

 

  1. Connect to your server by entering the server IP address in the Host Name field and clicking Open. Make sure Port 22 is set and the Connection Type is set to SSH. [Note: If you are connecting to your server for the first time with PuTTY, you may see a security alert dialog asking if you would like to cache the server's host key in the Windows registry. Choose Yes if your are presented with this dialog.]

 

screen-putty-launch-session_v1.png

 

  1. Once the session starts you will see a "login as" prompt. Enter the username 'rightscale' and press Enter/Return. After you log in as 'rightscale', the RightScale agent takes over and authenticates your RightScale username over a key-based exchange without prompting you for a password.

 

Option 2 - Using the Pageant SSH Authentication Agent

  1. From your Windows workstation, launch the Pageant application from Start > All Programs > PuTTY > Pageant. When you run Pageant, it will place an icon of a computer wearing a hat into the Windows System tray. Initially, it will not display an interface or screen for you to interact with until you load a private key into it. To display the Pageant window, double-click its icon in the System tray.
  2. Click Add Key and browse to the location of the key you generated previously with PuTTYgen.

 

screen-putty-pageant-1_v1.png

 

  1. Select the key and click Open. The selected key is loaded into the Pageant Key List.

 

screen-putty-pageant-2_v1.png

 

  1. To connect to your server, launch the PuTTY client, enter the server IP address in the Host Name field and click Open.
  2. Once the session starts you will see a "login as" prompt. Enter the username 'rightscale' and press Enter/Return. After you log in as 'rightscale', the RightScale agent takes over and authenticates your RightScale username over a key-based exchange without prompting you for a password.

Tips for Using PuTTY

PuTTY comprises a powerful set of utilities for managing SSH, telnet, and Rlogin connections to multi-user operating systems. PuTTY is an ideal client for use on Windows PCs that require remote console connection to Linux server systems. The more you work with PuTTY the more you will discover about how to best manage your particular remote login requirements. Here are a few tips that you might find useful.

  • In the PuTTY Session view you can create and save multiple session profiles and load/use them as you see fit. For example, if you need to SSH into more than one server you can set up a unique session profile for each server (with a different Host Name/IP address), save it and then load it from the Saved Sessions list.
  • You can also configure PuTTY to use both Pageant-managed keys along with SSH>Auth-managed keys by creating separate session profiles; some that use Pageant-managed keys and others that use SSH>Auth-managed keys.

Linux/Unix/Mac OSX Terminal

To SSH into your instance using a terminal application on a Unix, Linux, or Macintosh machine outside of the RightScale Dashboard use the following steps.

  1. First, you must retrieve the private key material of the SSH key that was used to launch the server. In the RightScale dashboard, go to the server info tab and click the SSH Key link.
  2. Select and copy the private key material. Make sure to copy the entire key, including the first and last lines, paste it into a text editor, and save it as a text file named 'id_rsa'
  3. Copy the text file to the location on your local machine where SSH keys are commonly stored. For example, <home>/.ssh.
  4. Open your SSH client application (terminal) and change directory to the location were the new SSH key is stored.
  5. At the command prompt, issue the following command to change permissions on the key file.

chmod 400 <filename>

Example: chmod 400 id_rsa

  1. Now, issue the following command to add the key file to the SSH authentication agent.

ssh-add <key>

Example: ssh-add id_rsa

  1. Connect to your running server using the -i option to pass the parameter for your ssh private key location.

If you are using a RightLink version prior to v5.9 use this command...

ssh -i <key> root@<server public IP address>

Example: ssh -i id_rsa root@54.241.195.177

If you are using RightLink v5.9 or greater use this command...

ssh -i <key> rightscale@<ip_address>

Example: ssh -i id_rsa rightscale@54.241.195.177

You must to post a comment.
Last modified
12:37, 3 Apr 2015

Tags

ssh

Classifications

This page has no classifications.

Announcements

None


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.