using SSH Keys

Connecting in SSH mode with its public key (with or rather than use the connection via password) offers some advantages: enhanced security, the ability to define a “blank” password, etc. Here are the steps to follow to configure your SSH account with a public key.

Note

SSH access is disabled by default. You will need to activate password connection at least temporarily to add your SSH keys.

In Windows

The actions are performed using PuTTY, an SSH client available free of charge.

  1. Generate the private key:

    • Start PuTTYGen (supplied by PuTTy),
    • Generate a pair of SSH-2 ED25519 keys,
    • Save the private key on your station,

  2. Declare the key on the server by copying this key to the $HOME/.ssh/authorized_keys file in your alwaysdata account,

  3. Configure your PuTTY session to connect in SSH:

    • Go to SSH > Auth menu, to load the path to your private key in Private Key file for authentication.

In Unix / OS X

  1. Generate keys:
    $ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
$ ssh-keygen -t ed25519 -f $HOME/.ssh/id_ed25519
Tip

To never have to enter your password when connecting in SSH mode, specify a blank “passphrase”.

  1. Declare the public key (.pub) on the server:

    $ ssh-copy-id -i $HOME/.ssh/id_ed25519.pub [user]@ssh-[account].alwaysdata.net

    Or by copying the content of this file to the $HOME/.ssh/authorized_keys file in your alwaysdata account.

Note

Replace [user] with your SSH user name and ssh-[account].alwaysdata.net with your SSH hostname.

Users of the Private Cloud can state them directly in the administration interface, they will be global to the entire server and all accounts can use them.

  1. Connecting with SSH: on the next SSH connection, you will be prompted to enter your passphrase (or nothing at all if your passphrase is blank).
Info

DSA keys are not accepted.