Creating an SSH Key Pair using ssh-keygen

To be able to connect to a cloud virtual machine from the public internet with at least minimal security, one easy method is to create an SSH key pair and use it to secure SSH access to your virtual machine. This post outlines a process for creating the key pair. You should do this before you create your virtual machine so that you can upload the key as part of creating your VM.

For this process, we will use a program called ssh-keygen. ssh-keygen is part of the OpenSSH client, which comes with the Windows operating system. To use ssh-keygen, you first need to verify that the OpenSSH client is enabled on your computer.

Verify That OpenSSH Client is Installed

To see whether OpenSSH Client is installed, navigate: Search –> Settings –> Apps –> Optional features –> Search Installed Features –> OpenSSH. If OpenSSH Client shows up, then it is already installed.

If OpenSSH Client is not installed,

  1. Clear your search box, then click on Add a Feature at the top.
  2. Locate OpenSSH Client –> Select OpenSSH Client, Install.
  3. This will enable the OpenSSH client on your computer.

Create the Key Pair

Open a Windows Command Prompt (Search –> cmd — Command Prompt). Then,

ssh-keygen -C "<comment>"

On Windows, if you copy the above to the clipboard and then right-click in the command prompt window, the command will be pasted in and you can just press enter to run it.

The above generates a key pair but takes all the defaults for the type of key. Other options are available to make the key more secure, but the default key is sufficient for our purposes. The -C argument places a comment on the public key, which can be helpful to identify which key this is after you have created and saved several keys. A good practice is to enter a comment that coincides with either the key file name or the name you give the virtual machine in the cloud.

Complete the creation of the key pair by providing a file name and a passphrase as follows:

By adding a passphrase, you are securing access to the key itself with a password. Anyone using the key to access your server will have to provide this passphrase. Store this passphrase securely, and make sure you keep track of which passphrases are used with which SSH key pairs.

Your public and private keys will be stored in separate files within the command prompt’s current folder:

It can be a bit annoying, but if you have Microsoft Publisher installed on your Windows computer, double-clicking on the public key file (*.pub) will open Publisher rather than prompt you to open the key with Notepad or another program.

You can open the public and private key files with Notepad to see what the keys look like. The public key file will contain your comment at the end if you used the -C argument:

Your SSH Key Pair is Ready for Use

Be prepared to locate your key files in a File|Open dialog, and also to open your public key file with Notepad so that you can paste it into a browser window when creating your virtual machine.
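
The same procedure as a PowerShell script, from checking for ssh-keygen through to having the public key ready to paste. This is an added example, not part of the original post; the key name `my-cloud-vm` is a placeholder, and choosing `-t ed25519` instead of taking the default key type is an assumption of the example.

```powershell
# Added example; $KeyName is a placeholder, not a value from the post.
$KeyName = 'my-cloud-vm'                       # use your VM or key file name
$KeyPath = Join-Path (Get-Location).Path $KeyName

# ssh-keygen.exe is only on PATH when the OpenSSH Client feature is installed.
if (-not (Get-Command ssh-keygen.exe -ErrorAction SilentlyContinue)) {
    throw 'ssh-keygen not found: install the OpenSSH Client optional feature first.'
}

# Do not overwrite a key pair that may already be authorized on a server.
if ((Test-Path $KeyPath) -or (Test-Path "$KeyPath.pub")) {
    throw "A key named '$KeyName' already exists in this folder."
}

# -t sets the key type explicitly, -f the output file, -C the comment.
# ssh-keygen still prompts for the passphrase, so it is never typed on the command line.
ssh-keygen -t ed25519 -f $KeyPath -C $KeyName
if ($LASTEXITCODE -ne 0) { throw 'ssh-keygen failed.' }

# Print the fingerprint (key size, SHA256 hash, comment, type) to record alongside the VM.
ssh-keygen -l -f "$KeyPath.pub"

# Only the .pub file is uploaded; put it on the clipboard for the browser form.
Get-Content "$KeyPath.pub" | Set-Clipboard
Write-Host "Public key copied. Keep '$KeyPath' (the private key) on this machine only."
```

The fingerprint printed by `ssh-keygen -l` is a convenient way to tell later which of several saved keys was uploaded to which virtual machine.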