François MENTEC

Reputation: 1304

How to use a certificate from an Azure Key Vault to connect to an Azure Virtual Machine through Bastion?

I want to secure an Azure virtual machine. Currently, I have a login and a password that I use to connect over SSH with PuTTY.

My idea is to create an RSA certificate in an Azure Key Vault (I managed to do that just fine) and use it to connect to my virtual machine through Bastion. I have no problem using the certificate instead of a password.

However, I first need to configure the machine to use this certificate instead of the currently defined password. I figured it must happen in the reset password tab, but I cannot find what to put inside SSH public key.

I cannot find a way to retrieve the public key from the Azure portal. I can download the certificate in the CER or the PFX format, and I tried to get the public key from those files using OpenSSL, but no matter what I do it is invalid.

How can I get a public key that follows the format "ssh-rsa AAAA... username@domainname" that Azure requires from a certificate generated in an Azure Key Vault or from a .pfx or .cer file?

Upvotes: 0

Views: 706

Answers (1)

Imran

Reputation: 5550

I tried to reproduce the same in my environment and got the results like below:

To reset the SSH public key, check the workarounds below:

Try to log in to your terminal or cloud bash like below:

ssh username@host
sudo -i


By default, ssh-keygen will generate an RSA key pair with one public and one private key:

ssh-keygen -t rsa -b 2048
y

ssh-keygen will generate a public/private RSA key pair. Next, press Enter; if you do not specify any directory, it will generate the key under /root/.ssh/id_rsa. I tried with the default one: press Enter -> overwrite: y -> Enter passphrase: press Enter -> Enter, like below:

The public key will be saved in /root/.ssh/id_rsa.pub. The ssh-keygen command generated both the public and the private key under the home directory of user root:

cd /root/.ssh/
ls

Now, try to add the public key to the target server:

id_rsa     - private key
id_rsa.pub - public key

Use the public key, paste it in the VM, and update like below:

When I tried to log in over SSH, it logged in successfully with the public key without asking for password authentication, like below:

Now, I tried to connect to the virtual machine through Bastion, and it connected successfully like below:

Upvotes: 1
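
Added example (not part of the question or the answer above): one way to produce the "ssh-rsa AAAA..." line the question asks for from the certificate's own public key, using openssl to extract the key and ssh-keygen to convert it. The function name cert_to_ssh_pubkey, its arguments and the empty default PFX password are assumptions made for illustration; openssl and ssh-keygen must be installed.

```shell
#!/bin/sh
# Added example: derive an OpenSSH public key line from an X.509 certificate.
# Usage: cert_to_ssh_pubkey <file.cer|file.pem|file.pfx> [comment] [pfx-password]
# Only the public half is extracted; the private key in a PFX is never written out.
cert_to_ssh_pubkey() {
    cert=$1
    comment=${2:-}            # optional trailing "username@domainname" field
    pfx_pass=${3:-}           # assumption: the PFX was exported without a password
    tmp=$(mktemp) || return 1

    case "$cert" in
        *.pfx|*.p12)
            # Emit only the leaf certificate (-clcerts) and no keys (-nokeys),
            # then print its SubjectPublicKeyInfo as PEM.
            openssl pkcs12 -in "$cert" -clcerts -nokeys \
                    -passin "pass:$pfx_pass" 2>/dev/null \
                | openssl x509 -pubkey -noout > "$tmp" 2>/dev/null ;;
        *)
            # A .cer file may be PEM (base64 text) or DER (binary): try both.
            openssl x509 -in "$cert" -inform PEM -pubkey -noout > "$tmp" 2>/dev/null \
                || openssl x509 -in "$cert" -inform DER -pubkey -noout > "$tmp" 2>/dev/null ;;
    esac || {
        rm -f "$tmp"
        echo "cannot read a certificate from: $cert" >&2
        return 1
    }

    # "BEGIN PUBLIC KEY" PEM is what ssh-keygen calls the PKCS8 public key format;
    # -i imports it and prints the OpenSSH form ("ssh-rsa AAAA...").
    line=$(ssh-keygen -i -m PKCS8 -f "$tmp") || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"

    # Append the comment field only when one was given.
    printf '%s%s\n' "$line" "${comment:+ $comment}"
}

# Example calls (file names are placeholders):
#   cert_to_ssh_pubkey mycert.cer "username@domainname"
#   cert_to_ssh_pubkey mycert.pfx "username@domainname"
```
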
