Adding ssh key pair to Openstack using cli: In this series of Openstack configuration and management, let’s look at how to add ssh keypairs to Openstack. This guide is based on Openstack Victoria release.
Public/private key pairs work by keeping the public key on the server, and the private key on your local workstation. Once the server has verified that the two keys match, a secure connection can be made.
So let us generate new ssh key pair, you can skip this if you already have one:
$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/josphat/.ssh/id_rsa):
Created directory '/home/josphat/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/josphat/.ssh/id_rsa.
Your public key has been saved in /home/josphat/.ssh/id_rsa.pub.
The key fingerprint is:
28:14:e0:14:11:0d:77:23:2d:6c:65:12:4e:26:a1:de [email protected]
The key's randomart image is:
+--[ RSA 4096]----+
| XXO+= |
| + *=*.. |
|. ..o. |
|. .. . |
| . E. . S |
| . |
| |
| |
| |
+-----------------+Copy the key to the clipboard:
xclip -sel clip < ~/.ssh/id_rsa.pubThen login to your Openstack controller node and save the key to a file:
$ vim josphat.pubPaste key contents inside the file, then save it.
Next step is importing the key using openstack keypair command:
#$ openstack keypair create --public-key josphat.pub josphat
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
| name | josphat |
| user_id | 93f0f5c4197f4f73b01bfe8086ecbec0 |
+-------------+-------------------------------------------------+The last “josphat” is the name of the keypair as seen on Openstack command CLI and Horizon dashboard.
Confirm:
$ openstack keypair list
+---------------+-------------------------------------------------+
| Name | Fingerprint |
+---------------+-------------------------------------------------+
| jmutai_pubkey | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
| josphat | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
+---------------+-------------------------------------------------+The same can be confirmed on Horizon dashboard by going to Project > Key Pairs:
OpenStack can inject a public ssh key into an instance on launch, so that it’s ready for you to access using the private key once it is ready. Go ahead and create a new VM with the key pair uploaded:
openstack server create \
--flavor m1.tiny \
--image CoreOS-x86_64 \
--nic net-id=a54af9d4-d297-45b6-a98c-79d84add5f2e \
--security-group default \
--key-name josphat coreos-test-vmIf you don’t have any image uploaded, i made a comprehensive guide on how to add images to Openstack, check it on the link below:
Adding images to Openstack Glance
Network id, Image name(ID) and security groups can be obtained using:
$ openstack image list
$ openstack network list
$ openstack security group listSee screenshot below:
Check if instance created is running, and obtain its ip address:
$ openstack server listVerify access:
$ ping -c 4 ip_addressYou can now login to the vm using:
$ ssh [email protected]_addressSince I’m using CoreOS image, default username is core
[email protected] ~ $ cat /etc/os-release
NAME="Container Linux by CoreOS"
ID=coreos
VERSION=1409.8.0
VERSION_ID=1409.8.0
BUILD_ID=2017-08-10-0112
PRETTY_NAME="Container Linux by CoreOS 1409.8.0 (Ladybug)"
ANSI_COLOR="38;5;75"
HOME_URL="https://coreos.com/"
BUG_REPORT_URL="https://issues.coreos.com"
COREOS_BOARD="amd64-usr"That’s all. More Openstack related tutorials to come. Follow us on twitter to get updated.
