Secure Shell (SSH) keys are a fundamental building block for accessing virtual machines and cloud resources across the European Weather Cloud (EWC). This page introduces the core concepts behind SSH keys, explains why they are essential for secure access, and provides links to service‑specific guides for adding your SSH key pair.
1. What Are SSH Keys?
SSH keys are a pair of cryptographic files used to authenticate securely to remote systems without transmitting a password. They consist of:
A public key — shared with the service or system you want to access.
A private key — kept securely on your computer and never shared.
Together, they enable a secure, password‑less login method that is widely used across cloud environments.
2. Why SSH Keys Matter in the EWC
SSH keys are the recommended method for accessing virtual machines and compute resources in the European Weather Cloud because they provide:
- Stronger security: SSH keys are far more resistant to brute‑force attacks than passwords.
- Password‑less authentication: Once configured, you can log in without typing a password, improving both security and usability.
- Consistent access across services: Many EWC services rely on SSH keys to grant access to virtual machines, Kubernetes nodes, or infrastructure components.
- User‑controlled credentials: You generate and manage your own keys, giving you full control over your access.
3. How to Create SSH Keys
You will need to create a key pair if you don't have an existing key pair already. If you do, then see below.
From a Linux or Mac, you may generate it with the command (follow the instructions it prompts you with):
ssh-keygen -m pem -t rsa
This creates a key pair in "PEM" format, but other formats exist, please check: What is ssh-keygen & How to Use It to Generate a New SSH Key?
To use the keys for passwordless login, please look at one of the many guides on the Internet for your ssh client (examples below) but note you may need to transform key format in some cases.
- openssh (standard command line tool for Linux and Mac) - https://serverpilot.io/docs/how-to-use-ssh-public-key-authentication/
- PuTTY - https://system.cs.kuleuven.be/cs/system/security/ssh/setupkeys/putty-with-key.html
- mobaxterm - https://cinhtau.net/2016/02/03/use-ssh-keys-for-authentication-with-mobaxterm/
4. Where SSH Keys Are Used in the EWC
SSH keys are required or recommended in several EWC services. Each service has its own procedure for registering or uploading your public key.
Below are links to the relevant guides:
| Service | |
|---|---|
OpenStack | OpenStack-based environments allow you to upload your public key so it can be injected into VMs at creation time: |
Local Linux User | In some cases you want to allow other users into your VM |
LDAP-based Access | Some environments use LDAP-backed systems where SSH keys must be added to your user profile: |
Morpheus | Add your SSH key pair to Morpheus to deploy and access virtual machines: |