Virtual Machine (VM) has become a component of today's cloud infrastructure. Ensuring the security of these VMs is paramount. In the face of increasing cyber threats relying on password-based authentication is no longer sufficient. This is where SSH keys come into play. Offering a reliable and efficient method for managing access to your Azure Virtual Machines.
To start your journey of cloud computing mastering the use of SSH keys can significantly bolster your security measures. In this article I will guide you through the process of generating, setting up, and leveraging SSH keys for your VMs to safeguard your data and restrict access.
What Are SSH Keys?
SSH keys serve as a pair of keys utilized for authenticating a user to an SSH (Secure Shell) server. This method of validation offers security compared to password-based logins making it the preferred option, for accessing servers, such as Azure Virtual Machines.
Components:
Public Key: This key is shared with the SSH server. It can be freely distributed without compromising security.
Private Key: Safeguarded on your device this key should never be shared with others. It is used to fix the challenge provided by the server confirming your identity without transmitting the key, over the network.
How SSH Keys Work:
Creating Key Pairs: Initially, you need to create a set of keys. One public and one private. This process can be carried out using tools provided by your operating system.
Sharing Public Keys: Next, you transfer the key to any server you want to connect to. This task can be completed either manually or, by utilizing automated methods.
Verification Process: Upon attempting to connect to the server it sends a challenge that corresponds with your key.
Benefits:
Enhanced Security: Unlike passwords, SSH keys are highly resistant, to brute force attacks. Because the private key remains on your device at all times attackers are unable to intercept it.
Convenience: After setting up SSH keys, logging in becomes quicker and easier. You don't need to type a password each time, which is especially useful if you manage multiple servers.
Automation: SSH keys are essential for automated processes like scripts and deployments. They allow secure, passwordless logins, making automated tasks more efficient and secure.
Preparation Required
Before we start, ensure you have the following:
Azure Account: An active Azure account.
Tools: An SSH client (such as OpenSSH) and Azure CLI installed on your machine.
Step-by-Step Guide to Using SSH Keys with Azure VMs
Let's go through the steps required to set up and use SSH keys with Azure Virtual Machines.
1. Generate SSH Keys
Generate SSH keys on your local machine. Here’s how to do it on various operating systems:
- Windows:
Open PowerShell on your Windows computer.
Type or paste this command:
ssh-keygen -t rsa -b 2048
Enter your file name in which you want to save the key.
Use “.ssh directory” as default location.
- macOS/Linux:
Open Terminal.
Type/paste this command: ssh-keygen -t rsa -b 2048
Follow these prompts when generating SSH keys:
Save Location: Press Enter to accept the default or type a custom path.
Passphrase: Press Enter for no passphrase or type a secure one.
Confirm Passphrase: Retype the passphrase and press Enter.
Your keys will be saved.
2. Create a Virtual Machine in Azure Portal
Create a new VM in the Azure Portal using SSH keys:
Log in: Access the Azure Portal.
Create Resource: Click on "Create a resource" and select "Virtual Machine".
Basics: Fill in the necessary details (name, region, image, etc.).
Authentication: Under "Administrator account", select "SSH public key".
Public Key: Copy the contents of your id_rsa.pub file and paste it into the "SSH public key" box.
Review + Create: Complete the configuration and click "Review + Create".
3. Access Your VM Using SSH
Connect to your VM using the SSH key:
Open Terminal/Command Prompt: Open your terminal or SSH client.
Connect: Use the following command to connect to your VM:
ssh -i /path/to/your/private_key username@your_vm_ip_address
Note* Replace /path/to/your/private_key with the path to your private key file (e.g., ~/.ssh/id_rsa), username with your VM username, and your_vm_ip_address with your VM's IP address.
4. Add or Remove SSH Keys on an Existing VM
To manage SSH keys on an existing VM:
Add Key:
Open your VM in the Azure Portal (Shown in Step 2)
Navigate to "Settings" > "Configuration".
Add your new public key to the "SSH public keys" section.
Remove Key:
Connect to your VM using an existing key.
Open the ~/.ssh/authorized_keys file.
Remove the line containing the public key you want to delete.
5. Automating SSH Key Management with Azure CLI
Use Azure CLI (Command Line Interface) to automate SSH key management tasks.
Generate SSH Keys:
Run the following command to generate a new SSH key pair:
ssh-keygen -t rsa -b 2048 -f ~/.ssh/myKey
Use Azure CLI to add a new SSH key to an existing VM:
To easily include an SSH key, in an Azure VM you can use the Azure CLI. This method streamlines the procedure. Enables you to modify the SSH settings without having to access the VM directly. Here’s another command used to accomplish this:
az vm user update --resource-group myResourceGroup --name myVM --username my username --ssh-key-value ~/.ssh/myKey
Conclusion
Setting up SSH keys for your Azure Virtual Machines is essential, for safeguarding the security of your system. Following these details can enhance the protection of your VM. Improve your efficiency. It's important to update and change your keys to uphold security protocols. Start using SSH keys today to protect your virtual machines and ensure that your data remains secure.
Follow Umesh Pandit
https://www.linkedin.com/newsletters/umesh-pandit-s-notes-7038805524523483137/