It is recommended you add an SSH key pair so you can use it to log into your VMs instead of a password. This key pair can also be used to access private Github or git repositories.
Once you have the keys set up in Morpheus, you can arrange for them to be added to new VMs when they are provisioned (last step below) - note that updating these keys or adding them to existing machines needs to be done manually.
If an LDAP server was provided as part of your tenancy (an option, typically default for EUMETSAT-homed tenancies), you may prefer to add the keys to the LDAP server instead - they will then work on all machines (already provisioned or future ones) and can be updated at any time. This section is just about "local" Morpheus-created users. Here's the Getting Started for EUMETSAT tenancies: EUMETSAT tenancy: Default setup
To use the keys for passwordless login, please look at one of the many guides on the Internet for your ssh client (examples below) but note you may need to transform key format in some cases.
- openssh (standard command line tool for Linux and Mac) - https://serverpilot.io/docs/how-to-use-ssh-public-key-authentication/
- PuTTY - https://system.cs.kuleuven.be/cs/system/security/ssh/setupkeys/putty-with-key.html
- mobaxterm - https://cinhtau.net/2016/02/03/use-ssh-keys-for-authentication-with-mobaxterm/
Creating the keys
You will need to create a key pair if you don't have an existing key pair already. If you do, then see below.
From a Linux or Mac, you may generate it with the command (follow the instructions it prompts you with):
This creates a key pair in "PEM" format, as required by Morpheus.
Converting existing keys
Note that it's often good practice to use different credentials for different services, so you may want to create a new key pair instead of reusing existing ones.
However, if you do want to reuse existing keys, they're probably in OpenSSH format, and Morpheus wants PEM (RSA) format. Take a copy first, as the conversion process overwrites the original, then run
ssh-keygen -p -m pem -f /path/to/key_to_be_converted_and_overwritten.
For non-OpenSSH formats or clients, please search for an appropriate conversion mechanism or contact EWC support for help.
Adding the keys in Morpheus
- Go to Infrastructure - Keys & Certs.
- Click the + ADD button
- The following screen should appear:
- Give a meaningful name to the key, such as your username.
- You can leave the public key field blank - Morpheus will fill this automatically by (re)generating it from the private key.
Browse for the private key, or paste its contents. For OpenSSH, it should normally be stored in:
- If your private key requires a passphrase, add it into the relevant text box.
- Save changes
Updating User Settings
Now that your keys are added into Morpheus, you may also configure your user profile so the keys are injected automatically into every new VM you provision when your Linux user is created. See Setting up your User Settings for more information.