Contents x
      Managing SSH Key Authentication for an iNode
      • 01 Aug 2023
      • 5 Minutes to read
      • Print
      • Dark
        Light
      Contents

      Managing SSH Key Authentication for an iNode

      • Updated on 01 Aug 2023
      • 5 Minutes to read
      • Print
      • Dark
        Light
      Article summary

      SSH keys provide a secure method of accessing the console of your iNode using SSH, eliminating the need for password-based authentication.

      Is SSH Key Authentication Required for All iNodes?

      When you add an Edge iNode or a Virtual Edge iNode, you are required to provision it for SSH key authentication. For iNodes that have already been provisioned and launched, you can edit the iNode configuration to add the SSH key authentication. If you have not yet connected your iNode to the Secure Edge Portal or are unable to do so, please refer to Using the Default SSH Key.

      If you’re currently using password-based authentication for accessing the iNode console, for now you can continue to do so. However, future releases will deprecate password-based authentication and require configuration and use of SSH key authentication. Hence, we recommend you start using SSH key authentication now.

      How to Set Up and Use SSH Key Authentication

      This section describes the steps involved to set up and use SSH key authentication:

      1. Create an SSH public-private key pair
      2. Associate the public key with the iNode
      3. SSH into the iNode console using the private key

      Creating an SSH Public-Private Key Pair

      To create an SSH key pair on a Linux or Mac computer, you can use the ssh-keygen tool. On a Windows computer, you can use the PuTTYgen tool. In this example, we use ssh-keygen.

      1. Enter the ssh-key-gencommand. At the prompt, enter a secure directory location and filename for the file.
        Shell
        >ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key: /home/mycompanykeys/inode1keyfile
      2. A prompt appears to enter a passphrase. Press return to continue without entering a passphrase. If you specify a passphrase, you will need to enter it when using the key to connect.
      3. A second prompt asks you to re-enter the passphrase. Enter a passphrase if you wish to use when, or press return to continue without entering a passphrase.
        Enter passphrase (empty for no passphrase):
Enter same passphrase again:

        After you press return, ssh-keygen confirms the file locations of your public/private key pair. The public key that you need to associate with the iNode is in the file with the extension .pub. The other file is the private key (identification); keep it safe and don’t share it with anyone.

        Your identication has been saved in /home/mycompanykeys/inode1keyfile.
Your public key has been saved in /home/mycompanykeys/inode1keyfile.pub.
      4. Next use the cat command or another method to display the contents of the public key file. You’ll need to copy and paste the public key into the Secure Edge Portal as described in the next section when adding a new SSH key for the organization.
        Shell
        >cat /home/mycompanykeys/inode1keyfile.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDknV6A+5cMPi5KMB/sKNTOlgbfhU6UiUyftE0sXQV6kKnqPgeMMuAsD7NIcLIEXix8s1ZFRw0f82JW8a0YkLzvbfyWDGpTFvL2g7JWLA6rej2VbdjwbAj3ZW8yUOYXNDQZSCHw0DOkPKEsyDIYZAs7Qi2ivrGlKUg0MkgDrJuxJgCwMLP3Dtb8ANdomAyVaX36sVqOoSmsyIwSCFxJpWrsKUTzjv1Ab4/qyeeOFgxwYe7Pr4AzNDMLyd4Qw7LQxreptFfSSkT/TVVar6vwaBWcHxtZaQX7O+VIni6DUlIAqFvzYxYSGvslgBiTI45q+rMA7/+2kcm/eEZOpjzN9+t/

      Associating a Public Key with an iNode

      You need an Admin role in your company’s Secure Edge Portal account to associate a public key with an iNode.

      To associate a public key with an iNode, follow the steps in this section to:

      • Add the public key to Secure Edge Portal
      • Associate the public key with the iNode for which it will provide authentication

      You associate a public key when you first provision and launch an iNode. If you have an iNode that was previously provisioned and launched, but you no longer have access to the private key, you can edit the iNode to associate another public key.

      Adding a Public Key to Secure Edge Portal

      To add a public key to Secure Edge Portal, follow the steps in this section:

      1. Login to the Secure Edge Portal.
      2. From the Secure Edge Portal left menu, select iNodes > SSH Keys to display the SSH Keys page, a table of all SSH keys.SSHkeyspage
      3. Select the plus icon (+) to display the Add SSH Key dialog.
        addSSHdialog
      4. Enter a name for the new SSH public key file.
      5. Paste the content of the public key file you generated in Creating an SSH Public-Private Key Pair into the SSH Public Key field.
        filledsshdialog
      6. Select Add SSH Key.

      Associating the Public Key You Added with the iNode

      You can associate a public key that you added to the Secure Edge Portal with a new iNode when you provision and launch it. If you have an iNode that has been provisioned and launched previously, you no longer have access to the SSH key used to provision the iNode, you can edit the iNode so that it uses another SSH key.

      To associate a public key with an Edge iNode when provisioning it, follow the steps in Provisioning Edge iNodes. For a Virtual Edge iNode, follow the steps in Provisioning Virtual Edge iNodes (VMware).

      To edit an iNode to use a different SSH key, follow these steps:

      1. From the Secure Edge Portal left menu, select iNodes > All iNodes to display the iNodes page.
      2. Select the name of the iNode you want to associate with the public key to display its iNode details page.
      3. Select Manage iNode > Edit to display the Edit iNode dialog.SelectManageInodeEditEditInodeDialog
      4. In the SSH Key section, select the name of the SSH public key you want to use for the Edge iNode. This is the name specified in Step 4 of Adding an SSH Key for an Edge iNode.
      5. Select Update.

      Using the Default SSH Key

      In the event that you have not yet connected your iNode to the Secure Edge Portal and still require access via SSH connection, the iNode is preconfigured with a uniquely generated default SSH key.

      Once the iNode successfully connects to Secure Edge Portal and exits the NEW state, this default SSH key is automatically replaced with the user-configured SSH key and can no longer be downloaded or used for access.

      To download this key, follow these steps:

      1. From the Secure Edge Portal left menu, select iNodes > All iNodes to display the iNodes page.
      2. Select the name of the iNode you want to download the default public key for to display its iNode details page.
      3. Select Manage iNode > Edit to display the Edit iNode dialog.
      4. Download the default SSH key by clicking the button marked Download Default SSH Key.

      DefaultSSHKey

      If you are still encountering issues, please check out our support pages at https://support.iotium.io for further assistance.

      SSH into the iNode Console

      With the public key associated with the iNode, and the private key on your computer, SSH into the iNode console using its IP address and the default username iotium. Use the -i privatekey option to specify your SSH private key. 

      For example:

      >ssh -i /home/mycompanykeys/inode1keyfile [email protected]
      Was this article helpful?
      What's Next