Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > Guides > Dashboard Users Guide > Manage > Instances and Servers > Actions > SSH into a Server

SSH into a Server

Objective

To open an SSH terminal session on a Linux-based server for root level access to the running server instance or array instance in the cloud.

Overview

The SSH action opens a terminal session on each selected server instance or array instance using Mindterm or your native SSH client. You can configure the default setting in User Settings > SSH. Note that any selected Server Next, Array Next, or unmanaged instances are ignored by the SSH action.

In the cloud, you still have root level access to the actual running instance. In order to create a secure connection to a running instance, an SSH key is used for authentication purposes.  An SSH key is a security component used by some cloud providers to secure client connections to servers in the cloud over SSH or Remote Desktop Protocol (RDP). The type of SSH Key that is used for establishing secure client-server communication depends on the type of underlying RightImage that's being used.

v4 RightImages

For servers launched with v4 RightImages, EC2 SSH Keys are used to create an SSH Console session from the Dashboard, as well as securely run RightScripts on an instance.  When you launch an instance in EC2, you must specify which EC2 SSH Key will be used authenticate an SSH Console session.  When the instance is actually launched, Amazon will load the public key onto the instance.  Later, when you try to SSH into the instance, the matching private key material will be used to authenticate an SSH session.  When you SSH into an instance from the RightScale Dashboard/API, it's important that you use an SSH Key where the private key material is stored in RightScale's database, otherwise, RightScale will not be able to provide the matching private key to validate and create an SSH session or run RightScripts (resulting in a "stranded in booting" server).  One of the shortcomings with this method is that multiple users will use the same SSH Key to SSH into an instance.  Therefore, it becomes difficult to control user level access or determine who is actually SSH-ing into an instance.  v5 RightImages address this particular issue by enabling Managed SSH for more granular user level SSH access.

v5 RightImages

For servers launched with v5 RightImages, RightLink is used to establish a secure connection between the instance and the RightScale core site for running scripts.  Managed SSH is also supported, which allows each user to use their own SSH Key (SettingsUser Settings > SSH) to establish secure shell access for client-server connections.  If you're using EC2 instances, you must still specify an EC2 SSH Key when you launch an instance.  However, it's no longer used for SSH purposes, so it's no longer imperative that the EC2 SSH key have key material stored in the RightScale database like instances using v4 RightImages.  But, you can still use the EC2 SSH key to SSH into an instance using a third party tool like PuTTY or AWS Console.

Prerequisites

  • A running cloud instance
  • Valid key authentication for establishing a secure shell connection.  The type of required key authentication varies depending on the underlying machine image and your SSH user preferences and settings.
  • 'server_login' and 'server_superuser' if you are running RightImage 5.7 and lower (both roles will need to be enabled to be able to SSH into a server). If you are running 5.8 or newer, like with 5.7 and lower, you can have both roles enabled or you can have either 'server_login' (which allows you to login as the user of the account without root access) and 'server_superuser' (which allows you to login as root to the server). For more information, see RightScale Account and User Management
  • If you're using a cloud that support security groups to control the instance's firewall permissions (e.g. AWS) you must configure the security group to allow SSH access over TCP port 22. See Create a New Security Group.
  • If you are using a VLAN cloud that uses IP port forwarding instead of security groups to control an instance's firewall permissions (e.g. CloudStack, Rackspace, etc.) you must set up a port forwarding rule for TCP port 22 to allow SSH access. See Create new Port Forwarding Rules.
  • Requires 'server_login' user role privileges to SSH into a server from the RightScale dashboard.

Steps

SSH into a Running Server Instance or Array Instance

  1. In the Dashboard user interface, go to Manage > Instances & Servers.
  2. Select one or more server instances or array instances for which you want to open an SSH session.
  3. Click Actions and select SSH from the drop-down menu. If you selected more than one item you will be prompted for confirmation.

screen-MSA-Action-SSH_v1.png

 

  1. An SSH session is initiated according to your configuration in User Settings -> SSH.

Alternately, you can simply click the SSH icon in the Operations column to initiate an SSH console session.

You must to post a comment.
Last modified
13:18, 7 Aug 2014

Tags

Classifications

This page has no classifications.

Announcements

None


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.