Creating SSH Key Pair for Lab

Before creating a VM on the lab, it is required to have a valid ssh public key on your account. Password authentication is disabled, and the root account does not have a password by default. This ensure no one else, including Tech Haven staff, can login to your VMs via VNC or ssh without your ssh private key.

This post will help guide you through creating a ssh key pair, and sending it to the OpenNebula server with the bot.

Instructions


ssh-key tool is included with most Linux distros and in Windows 10. Follow the following steps to generate a key pair.

  1. Open your terminal, and type ssh-keygen

  2. The tool should ask where you want to save your key. Default location is /home/user/.ssh/id_rsa. Feel free to replace id_rsa with anything you want.

  3. You can create a passphrase for this key if you wish for extra security. Otherwise, keep it empty for no passphrase.

Below is an example of the process.

klar (11:39) ~>ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ylo/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ylo/.ssh/id_rsa.
Your public key has been saved in /home/ylo/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Up6KjbnEV4Hgfo75YM393QdQsK3Z0aTNBz0DoirrW+c ylo@klar
The key’s randomart image is:
±–[RSA 2048]----+
| . …oo…|
| . . . . .o.X.|
| . . o. …+ B|
| . o.o .+ …|
| …o.S o… |
| . %o= . |
| @.B… . |
| o.=. o. . . .|
| .oo E. . … |
±—[SHA256]-----+
klar (11:40) ~>

  1. Output the id_rsa.pub file to terminal, or open in a text editor to copy the key. DO NOT COPY THE PRIVATE KEY. The private key stays on your device, and you should never give this to anyone.

cat ~/.ssh/id_rsa.pub

Sending Key to Fox Bot (Foxy)

DM the bot your PUBLIC key with the update-ssh <public key> command.

You can now create VMs with Fox Bot!

Lab account is required for sending keys and creating VMs. Contact a staff member for a Wireguard client configuration to access the lab private subnet, and a lab account.