To log in to the server using SSH, you can use two authentication methods: password or key (or both). This is a quick introduction/tutorial on generating and adding your SSH key to the server and Cherry Servers portal.
Passwords are usually vulnerable to brute-force attacks, phishing, and human error. They can also be forgotten or missed after deployment. The key is a safer way to connect to the server. In this case, your password authentication is also required. Follow this step-by-step, all your new/reinstalled servers will be ready to log in without saving the password.
Step 1. Generate your SSH key
Step 1.1. Open your terminal (Command prompt (CMD) or PowerShell on Windows OS);
Step 1.2. To generate a new key, enter ssh-keygen –t ed25519 into your terminal. You will be asked to choose the file-saving location. To save it in the default location, press ENTER. (Fig.1.);
Step 1.3. The program will also ask to enter a passphrase (password). There are two options: to leave the row empty or enter a passphrase to secure your key;
Step 1.4. In this step, the key will be generated;
Fig.1. ED25519 key generation example
Step 2. Add your key to the Cherry Servers portal
Step 2.1. Navigate to the directory selected when generating the key, default directory for Windows is C:\Users\<user>\.ssh (For Linux users, it is in the current user's directory: ~/.ssh). (Fig. 2.) You will find your public and private keys in there.
Do not give your private key to anyone. You can open your public key file with a preferred text editor. Check Fig.3. for the ed25519 public key example.
Fig. 2. .ssh directory
Fig. 3. e25519 public key example
Step 2.2. Navigate to the SSH keys page in the portal:
Portal: https://portal.cherryservers.com/settings/ssh-keys
Beta portal: https://portal-beta.cherryservers.com/settings/ssh-keys
Step 2.3. Click on ‘Add SSH key’ (or ‘Add’ in the beta portal)
Step 2.4. Name and paste the generated key here
Fig. 4. Adding SSH key to the portal
Step 2.5. Press Add
Your SSH key is added to the portal! (Fig.5.)
Fig.5. Added SSH key
When ordering a server at the bottom with the instance, you can select which keys you want to add to the server if you have multiple. (Fig.6.)
Fig.6. SSH key selection while deploying
To connect to the server, open your terminal (CMD or PowerShell on Windows OS)
Connect to the server using SSH-> ssh root@<Server’s IP>
Adding SSH key after the server is deployed without it
If the server was deployed without an SSH key, you can add it to the server using this command:
Windows OS: type .\.ssh\id_ed25519.pub | ssh root@<Server’s IP> ‘cat >> .ssh/authorized_keys’ (Fig.7.)
Linux OS: Ssh-copy-id –i <path to public key> root@<Server’s IP> (Fig.8.)
You will need to enter the password, and it will add the key to the server.
Fig.7. Add SSH key to the server Windows OS
Fig.8. Add SSH key to the server Linux
Can’t SSH to the server
After the server is rebuilt, you should get an error that does not allow you to log in (Fig. 9.).
Fig.9. Error after reinstalling
To remove the already existing key, use this command:
Windows: ssh-keygen –f .\.ssh\known_hosts –R <IP>
Linux: ssh-keygen –f /home/<username>/.ssh/known_hosts –R <IP>
MAC: cat ~/.ssh/id_rsa.pub | ssh <username>@<IP> "cat >> ~/.ssh/authorized_keys"
You should get a similar output shown in Fig.10.
Fig. 10. Known hosts removal output.
After it you will be able to connect to the server as normal.