DDVE supports assigning SSH keys during deployment from the Google Cloud console, but you cannot use the Google Cloud console to update SSH keys after deployment. DDVE adds both project-wide and instance-level SSH keys only during the first boot. Use this procedure to enable or update SSH keys.
Steps
Generate SSH key pairs in any Linux client if you do not have SSH keys ready.
$ ssh-keygen –t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ yourusername /.ssh/id_rsa.
Your public key has been saved in /home/ yourusername /.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:QcPMwxTVRMpDZ3SrnmZKm4mLpmdhmSHAt4hpjTf6FD4 yourusername@yourlinuxclient
The key's randomart image is:
+---[RSA 2048]----+
| . *=oo=* . |
| o . .*+ +.. . |
| oo+ . ..+ . |
|oo.=o . . . . |
|. + o. +S . |
| . E = . . |
| o .. . . = |
| . +. o B |
| .=. o.= |
+----[SHA256]-----+
Default options create a pair of SSH keys in the
$HOME/.ssh/ directory. The private key file is
id_rsa, and the public key file is
id_rsa.pub.
Run the following command to add the public key content to DDVE:
adminaccess add ssh-keys user sysadmin
sysadmin@myddve1# adminaccess add ssh-keys user sysadmin
Enter the key and then press Control-D, or press Control-C to cancel.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyYNyPI1QjpmWbDjbTqkqe7qi3wc97K5JpygX9EeLNEY3VQqzAJsfHwvxkPnyOqKiYXOV3johwQKiZct2/1MUEpd8MvMCaDhlzyf7OrJ7DNgI5P8Ilh/dhCxe6W0crlWcG6UE+ldHzbRrphhMzdt2CNJ3nh/gLGMpQGASHtCJZrXzUHCqu/vivfdm6Zy2bbsNYeCdbJ6MJwaQ2FnKUhGAyeDi7SdsXb+kizokL6J5dJHKDhIJY2lNfF5jclpkoM694wvfSupe+Zz4tx7EVlxDi2BtLrwRSiRWtTIsXYGiyz2Wx3AWzxPGSkLLqBEk0AacWsGba4hElLiAa31NZI5mt
SSH key accepted.
NOTE
You can disable some key pair access by deleting the corresponding key from DDVE with the following command:
adminaccess del ssh-keys <lineno> user sysadmin.
You can list keys and get the
<lineno> by running the following command:
adminaccess show ssh-keys user sysadmin.
Run the following command to disable password login for additional security:
adminaccess option set password-auth disabled
sysadmin@myddve1# adminaccess option set password-auth disabled
** Disabling password based authentication will disallow users to login using password.
Ensure users have other login option(s) configured to access the system.
Do you want to continue? (yes|no) [no]: yes
** Import CA certificate for "login-auth" application to enable GUI/Web-services access.
Adminaccess option "password-auth" set to "disabled".
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\