Connect to a Linux VM on Windows Azure – Part 2/2

This is the second part of the series that will walk you through the process of connecting to a Linux VM that runs on Windows Azure. The first part was focused on SSH connections using regular credentials. This post will demonstrate how to use SSH keys for stronger authentication.

Part 1: https://marcelzehner.ch/2013/06/24/quick-post-connect-to-a-linux-vm-on-windows-azure-part-12/
Part 2: This post

First we need to create a public and private key using OpenSSL. After installation you can open a command prompt, navigate to the bin directory inside the install directory and run openssl.exe using some parameters. Feel free to change them as needed.

OpenSSL.exe req –x509 –nodes –days 365 –newkey rsa:2048 –config ..\share\openssl.cnf –keyout path\name.key –out Cert.pem

“days” defines the certificate/key lifetime

“rsa:xxxx” specifies the key length

“config” needs to be added to find the openssl config file

“keyout” is used to specify the private key file name

“out” is used to store the public key/certificate

image

image

The key pair is used as follows: the public key is copied to the remote machine that a connection needs to me made to, in our case this is the Windows Azure VM. The private key is used on the client that will create the connection, in this case my Windows machine. This key needs to be stored in a secure way to make sure no one else will be able to create a successful connection to the Azure VM.

Now let’s create a new Linux VM in Azure and select the option to authenticate with a SSH key. Select the public key (*.pem) from the step before.

image

After the VM is provisioned check out the details of the VM to see the details to make a connection.

image

Now use Putty to create a connection to the VM.

image

After entering the user name a message tells us that authentication was not successful. Sure, we did not specify which private key to use to successfully complete the authentication process. That makes sense, and it shows that it’s no more possible to create connections when you are not the holder of the corresponding private key.

image

Before we can use our public key together with Putty, we need to transform it into another format that Putty can use. This can be done using a tool called Puttygen.exe. Download and start Puttygen and load the private key created earlier.

image

image

image

Now change the key comment to something meaningful and save the private key in a Putty-ready format (*.ppk).

image

image

For better protection of the private key it would make sense to add a passphrase that needs to be entered whenever the key is used. In this example I choose the easy way without the passphrase. I am lazy Smiley

image

As soon as the key is successfully transformed, start Putty again and configure the connection to use this key for authentication.

image

Now connect to the Linux VM again.

image

Enter the user name and boom … you are connected! No password is needed this time as the SSH keys were used to handle the authentication.

image

Now have fun administering your Linux VMs on Windows Azure!

Cheers
Marcel

This entry was posted in Azure and tagged , , , , , , . Bookmark the permalink.

One Response to Connect to a Linux VM on Windows Azure – Part 2/2

  1. Pingback: Quick post: Connect to a Linux VM on Windows Azure – Part 1/2 | marcelzehner.ch

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s