How to configure additional SSH keys on an instance
3688 Views
09.09.2024 
Compute
Objective
When creating an instance in the OVHcloud Control Panel, you can add only one SSH key for the preconfigured user account. In order to log on to your instance with other user accounts, you can create more keys and add them to the instance in a few steps.
This guide explains how to configure additional SSH keys for connections to your instance.
OVHcloud provides services for which you are responsible with regard to their configuration and management. It is therefore your responsibility to ensure that they function correctly.
This guide is designed to assist you in common tasks as much as possible. Nevertheless, we recommend contacting a specialist service provider or reaching out to our community if you experience any issues.
Requirements
- A Public Cloud instance in your OVHcloud account
- Administrative access to your instance via SSH
Instructions
We currently support the following SSH key formats: RSA, ECDSA and ED25519.
Note that the instructions below are for general use, based on an Ubuntu server OS. Some commands may require customization for the distribution or operating system you are using.
Step 1: Create a new SSH key pair
If necessary, use our SSH key guide to create a new SSH key pair.
You can also find information on managing multiple keys on your local device if your setup requires it.
Step 2: Configure a new user account
Connect to your instance and use the commands below to create a new user account and .ssh folder:
Without further steps, the user account user2 in this example has no elevated permissions. If you need to grant this account root privileges on your instance, add it to the sudo group:
You can learn more about user permissions and related topics in our user account guide.
Step 3: Add the public SSH key to your instance
Transferring public keys created on systems based on GNU/Linux, MacOS or BSD
If you have created your SSH key pairs on a GNU/Linux, MacOS or BSD based system, you can use the command ssh-copy-id to add the public keys to your server.
The ssh-copy-id utility copies public keys to the file ~/.ssh/authorized_keys on the specified remote server and will automatically create the file in this directory if necessary.
By default, ssh-copy-id will try to transfer all public keys inside your local user's ~/.ssh directory. In order to add a single public key, you can specify this key file with the option -i followed by the file path:
Example:
You will be prompted for the user's password. If the process was successful, you will receive a message similar to the one below.
If you receive an error message instead, you can always add your public keys manually by following the steps described below.
As a best practice and for security reasons, a key pair should not be used by multiple users. Since each user on GNU/Linux systems has their own authorized_keys file in ~/.ssh/, you can use the command ssh-copy-id as shown above and adapt KeyFileName and user after you have created the key pair.
Adding public keys to the instance manually
Connect to your instance and open the file authorized_keys in the personal folder of the new user with your preferred text editor (nano is used in this example):
Paste the public key string into this file. Save the file and exit the editor.
Reboot your instance (sudo reboot) or only restart the OpenSSH service with one of the following commands (the appropriate command may vary depending on your OS):
The new user can now connect to the instance from the device that stores the corresponding private SSH key:
Example:
Consult the SSH key guide to learn more about using SSH keys with Public Cloud instances.
Go further
How to create Public Cloud instances
How to replace an SSH key pair on a Public Cloud instance with rescue mode
Join our community of users.
Upgrading your operating system
3182