When creating a Compute Instance, you will not receive a root password. Authentication is based on secure SSH keys instead of using passwords.
SSH keys allow password-less authentication on secure shell (SSH) Connections.
This guide shows how to configure and enable a SSH key on Windows, MacOS or Linux computers.
Requirements
- You have an account and are logged into console.scaleway.com
Before creating your first instance, you have to create a RSA key pair on your local computer. A RSA key pair consists of two elements:
The public key is kept in your Scaleway account and transferred to the instance during the boot process, while the private key is kept securely on your computer.
When connecting to the instance via SSH, a trusted connection to the machine is being established using the key pair. If there is a discrepancy between the keys or any of them is missing, authentication fails and a connection cannot be established.
Important: For security reasons you must generate a 2048-bit or 4096-bit RSA key. Older 1024-bit keys are no longer supported.
1 . Open the terminal application (command line) by clicking on the corresponding icon:
2 . Type the following command ssh-keygen -o -b 4096
and press Enter to generate the new key:
The
-o
option was added in 2014; if this command fails for you, simply remove the-o
flag.
3 . Enter the file path in which to safe the key. Leave it at the default setting if you are creating your first key (which will be saved as id_rsa):
Enter file in which to save the key (/Users/me/.ssh/id_rsa):`
4 . Set a passphrase, this step is not mandatory but highly recommended for increased security. The passphrase can be freely chosen. If no passphrase is required, press Enter:
Enter passphrase (empty for no passphrase):
5 . Enter the passphrase again to confirm it. Then press Enter:
Enter same passphrase again:
6 . The key pair is being generated (a public key that we will copy on your instances, and a private key that you must keep secret). By default, the two files are located in the /Users/me/.ssh/
directory:
id\_rsa.pub
id\_rsa
The entire key generation looks like this
ssh-keygen -o -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/me/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/me/.ssh/id_rsa.
Your public key has been saved in /Users/me/.ssh/id_rsa.pub.
The key fingerprint is:
12:93:cc:c1:5b:76:4f:b6:b9:b4:65:b0:33:8b:f1:59 me@localhost
...
cat
command and copy it, as it is required for step 2:cat /Users/me/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/tcOt7Lwx5MEPyHo+pcK/XYi7ZvZi4OzLZd59E2MyTLg5ZTpMyRqgLLojTloXEtM57A9H95zjNsiU1nJm1iXEMbRfd6f8fWaaK0ms6z5hLgcuDJot0BkfgThpJjIseZ2uEIrEFYOfdhffJofXkC8lS7seEM8B9TG+Y25wFDdILACrX6AHzRd0Bd4T7I8zNL51fT2zKUBaB6hX4K3rm60K5VKZsZBMj/Mg6rI1DifpOmEb9c+gNX5OlRGC+PREQ08dlwONOO+/C+RPCk+mf1hI5if5E6BAGPz7wN5DNN4BjbiR8/rQ/vjvp5CXbWxaL35FIfi/fUFy3mJlz8u17MzEqi22qdsPXC/MvmdJZSGaAIlqHnNoiMgJTjXBaTJGMiRiuGZ5J3ksIjEeLVAGJNLJRUAOPNmTa9xpn0KD6Uh3OJVUwldGPjJYYHjcNhZTsUqyVpci03fbSvWIvlOlIAc7JicW3ES3i5ayIMNRLwYOp8VP5j8nbpB/OfjRu5VsSQpLJFjcK0LCs+eZaStTn4j3/lwR1DKH3dAwVkRls7SfaWzAgV7HF9NTnDADdVz6wHLR2PB4b7ZVdTYqVXgSjiJfYYYowZ2McIV27cXvbNIWUOJi80h63e/43xSjalBIpDNBi0yTvZqOJzu3xBB6QqJqEmKvAszrTVoGK8rgLgC/iw== me@localhost
1 . Download PuTTYgen to your local computer
2 . Launch PuTTYgen by double-clicking on the application:
3 . Select RSA, set the Number of bits in the key to 4096 and click the “Generate” button:
4 . Move the mouse around the blank area, as indicated, to generate some randomness:
5 . Two keys are generated (a public key that we will be copy on your instances, and a private key that you must keep secret):
Key-comment
field with a name to help you identify this key pair1 . To connect to your instances, you must add a public key to your Project.
Save the content of the public key by clicking on Add a new SSH key on the Credentials tab of the Project Dashboard.
A pop up appears. Paste the key in the indicated box, add a description if necessary and click on Add a SSH key.
You are now ready to create and start your first instance!
Important
- If you add a new SSH key into the console and can ssh your instance, reload your ssh-keys with
scw-fetch-ssh-keys --upgrade
command- If you add a new SSH key into the console and can not access your instance, reboot your instance from the Control Panel to load ssh-keys