What is SSH?

Secure Shell (SSH) is a widely used protocol that allows you to securely access and manage remote Linux systems over an encrypted network connection. It is the standard tool for administrators, developers, and cloud users who need command‑line access to virtual machines or servers. SSH works by creating a protected communication channel between your local computer and a remote machine. More specifically, SSH relies on a client–server model:

• The SSH client runs on your local machine (Linux, macOS, or Windows with an SSH client installed).

• The SSH server runs on the remote Linux VM you want to access.

All traffic—commands you type, files you transfer, and authentication data—is encrypted, preventing eavesdropping or tampering by third parties. This makes SSH a foundational technology for secure remote administration in modern cloud environments.

If you want to read more check these pages:

• https://www.openssh.org/?utm_source=copilot.com
• https://man7.org/linux/man-pages/man1/ssh.1.html#DESCRIPTION

While SSH can be used with passwords, modern cloud environments — including the EWC — rely on SSH keys for authentication. 

Secure Shell (SSH) keys are a fundamental building block for accessing virtual machines and cloud resources across the European Weather Cloud (EWC). This page introduces the core concepts behind SSH keys, explains why they are essential for secure access, and provides links to service‑specific guides for adding your SSH key pair.

1. What Are SSH Keys?

SSH keys are a pair of cryptographic files used to authenticate securely to remote systems without transmitting a password. They consist of:

• A public key — shared with the service or system you want to access.

• A private key — kept securely on your computer and never shared.

Together, they enable a secure, password‑less login method that is widely used across cloud environments.

2. Why SSH Keys Matter in the EWC

SSH keys are the recommended method for accessing virtual machines and compute resources in the European Weather Cloud because they provide:

• Stronger security: SSH keys are far more resistant to brute‑force attacks than passwords.
• Password‑less authentication: Once configured, you can log in without typing a password, improving both security and usability.
• Consistent access across services: Many EWC services rely on SSH keys to grant access to virtual machines, Kubernetes nodes, or infrastructure components.
• User‑controlled credentials: You generate and manage your own keys, giving you full control over your access.

3. How to Create SSH Keys

You will need to create a key pair if you don't have an existing key pair already.  If you do, then see below.

From a Linux or Mac, you may generate it with the command (follow the instructions it prompts you with):

ssh-keygen -m pem -t rsa

This creates a key pair in "PEM" format, but other formats exist, please check: What is ssh-keygen & How to Use It to Generate a New SSH Key?

To use the keys for passwordless login, please look at one of the many guides on the Internet for your ssh client (examples below) but note you may need to transform key format in some cases.

• openssh (standard command line tool for Linux and Mac) - https://serverpilot.io/docs/how-to-use-ssh-public-key-authentication/
• PuTTY - https://system.cs.kuleuven.be/cs/system/security/ssh/setupkeys/putty-with-key.html
• mobaxterm - https://cinhtau.net/2016/02/03/use-ssh-keys-for-authentication-with-mobaxterm/

4. Where SSH Keys Are Used in the EWC

SSH keys are required or recommended in several EWC services. Each service has its own procedure for registering or uploading your public key.

Below are links to the relevant guides: