Introduction

Using SSH keys for authentication offers significant security advantages over traditional password-based logins: keys are less prone to brute-force attacks and eliminate the need for users to remember complex passwords. By leveraging LDAP for user management, you can centralize user authentication and simplify access control across multiple systems.

Steps to Generate and Use SSH Keys for LDAP Users


Generate SSH Key Pair

On a Unix-based System (Linux/macOS):

  1. Open a terminal.
  2. Generate a new SSH key pair:
    ssh-keygen -t rsa -b 2048
    
  3. Follow the prompts to save the key (default location is ~/.ssh/id_rsa). You can optionally set a passphrase.

On Windows using PuTTYgen:

  1. Download and open PuTTYgen.
  2. Click on "Generate" and move your mouse around to create randomness.
  3. Save the private key (e.g., id_rsa.ppk) and the public key (e.g., id_rsa.pub).


Add the public keys to LDAP

Using CLI

ipa user-mod <USERNAME> --sshpubkey="ssh-rsa <key_content>"
 

# Example for single key
ipa user-mod alice --sshpubkey="$(cat /home/alice/.ssh/id_rsa.pub)" 


# To upload multiple keys, pass a comma-separated list of keys with a single --sshpubkey option:
ipa user-mod alice --sshpubkey="key1==,key2==,key3=="
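
A check worth running before the upload, added here as an example (it is not part of the original page or of the IPA tooling): it rejects private key material, verifies that the key type prefix matches the encoded key, enforces the 2048-bit RSA size used above, and builds the comma-separated value for a single --sshpubkey option. The function names and the sample keys are hypothetical; the keys are constructed from made-up bytes.

```python
import base64, hashlib, struct

MIN_RSA_BITS = 2048  # same size as the -b 2048 in the generation step

def constructed_key(key_type, *parts):
    """Build a well-formed key line from made-up bytes (demo input, not a real key)."""
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (key_type.encode(), *parts))
    return f"{key_type} {base64.b64encode(blob).decode()} demo@example"

def _read_string(blob, off):
    """Read one length-prefixed SSH wire string; return (value, next offset)."""
    end = off + 4 + int.from_bytes(blob[off:off + 4], "big")
    if len(blob) < off + 4 or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def check_pubkey(line):
    """Validate one OpenSSH public key line; return (type, SHA256 fingerprint)."""
    if "PRIVATE KEY" in line:
        raise ValueError("private key material; upload only the .pub file")
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    inner, off = _read_string(blob, 0)
    if inner != key_type.encode():
        raise ValueError("type prefix does not match the encoded key")
    if key_type == "ssh-rsa":
        _e, off = _read_string(blob, off)       # public exponent
        n, off = _read_string(blob, off)        # modulus
        bits = int.from_bytes(n, "big").bit_length()
        if bits < MIN_RSA_BITS:
            raise ValueError(f"RSA modulus is only {bits} bits")
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return key_type, "SHA256:" + digest.rstrip("=")

def sshpubkey_argument(lines):
    """Join validated keys into the comma-separated --sshpubkey value."""
    for line in lines:
        check_pubkey(line)
    # Keep only '<type> <base64>': a free-text comment could contain a comma.
    return ",".join(" ".join(line.split()[:2]) for line in lines)

if __name__ == "__main__":
    rsa = constructed_key("ssh-rsa", b"\x01\x00\x01", b"\x00\x80" + b"\x11" * 255)
    ed = constructed_key("ssh-ed25519", b"\x22" * 32)
    print(check_pubkey(rsa), check_pubkey(ed), sep="\n")
    print(sshpubkey_argument([rsa, ed]))
```

The fingerprint uses the same SHA256 format that ssh-keygen -lf prints, so it can be compared with the key owner's copy before the key is attached to the account.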


Using Web UI

  1. Start by connecting to your Remote Desktop with the username assigned to your LDAP tenancy.
  2. Once you're in, launch Firefox and visit the IP of your LDAP server.
  3. Once you're logged in to LDAP, click on the user and insert the SSH keys.


Enable SSH authentication for already provisioned instances:

Go to the Instance → Actions → Run workflow → enable_ssh_authentication



Logging in with SSH Keys


Login Using SSH Keys (Default Path):

ssh username@hostname
or
ssh -J user@ssh-proxy user@internal-vm


Login Using SSH Keys (Specified Path): If your private key is not in the default location, specify the path using the -i option:

ssh -i /path/to/private_key username@hostname
or
ssh -o "ProxyJump user@ssh-proxy" -i /path/to/private_key user@internal-vm