Azure:
- openssl.exe req -x509 -nodes -days 365 -newkey rsa:2048 -keyout myPrivateKey.key -out myCert.pem
- We will mostly use the .key file
- The .pem file is only needed for Classic deployments. Typically we won't use this.
---
- Look up use of req : https://linux.die.net/man/1/req
- The req command primarily creates and processes certificate requests. That's why the output of req is a certificate (myCert.pem)
- But we are interested in the private key (myPrivateKey.key). Hence we are using the -keyout flag
- openssl.exe rsa -pubout -in myPrivateKey.key -out myPublicKey.key
- This did not help, because Azure complained about SSH2
- ssh-keygen -e -f myPrivateKey.key
- This generated the SSH2 key (public) which I copy-pasted into Azure
- http://stackoverflow.com/questions/41167219/how-do-i-convert-my-open-ssh-public-key-to-ssh2
- ssh-add myPrivateKey.key
- eval `ssh-agent -s`
- ssh-add
- In Windows I had to start ssh-agent before running the ssh-add command - http://stackoverflow.com/questions/17846529/could-not-open-a-connection-to-your-authentication-agent
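The Azure key steps above as one non-interactive script, with a check that the exported SSH2 public key really belongs to myPrivateKey.key. This is an added example, not part of the original notes; the -subj value, the output names myPublicKey.ssh2 and myPublicKey.openssh, and the function names are assumptions.

```shell
#!/bin/sh
# Added example. File names follow the notes; -subj and function names are assumed.
set -eu

# Create the private key and the self-signed certificate without prompts.
make_key() {
    dir=$1
    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
        -subj "/CN=example-vm-key" \
        -keyout "$dir/myPrivateKey.key" -out "$dir/myCert.pem" 2>/dev/null
    # ssh-keygen and ssh-add reject private keys that other users can read.
    chmod 600 "$dir/myPrivateKey.key"
}

# Write the public half in three encodings of the same RSA key.
export_public() {
    dir=$1
    # PEM SubjectPublicKeyInfo ("-----BEGIN PUBLIC KEY-----"): not an SSH format.
    openssl rsa -pubout -in "$dir/myPrivateKey.key" \
        -out "$dir/myPublicKey.key" 2>/dev/null
    # RFC 4716 ("---- BEGIN SSH2 PUBLIC KEY ----"): the SSH2 form.
    ssh-keygen -e -f "$dir/myPrivateKey.key" > "$dir/myPublicKey.ssh2"
    # One-line OpenSSH form ("ssh-rsa AAAA..."), as used in authorized_keys.
    ssh-keygen -y -f "$dir/myPrivateKey.key" > "$dir/myPublicKey.openssh"
}

# Succeeds only if the SSH2 file decodes to the key blob derived from the
# private key, so a stale or mismatched public key is caught before upload.
ssh2_matches_private() {
    dir=$1
    from_ssh2=$(ssh-keygen -i -f "$dir/myPublicKey.ssh2" | awk '{print $2}')
    from_priv=$(ssh-keygen -y -f "$dir/myPrivateKey.key" | awk '{print $2}')
    [ -n "$from_ssh2" ] && [ "$from_ssh2" = "$from_priv" ]
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
make_key "$work"
export_public "$work"
head -n 1 "$work/myPublicKey.key" "$work/myPublicKey.ssh2"
ssh2_matches_private "$work" && echo "SSH2 public key matches myPrivateKey.key"
ssh-keygen -l -f "$work/myPublicKey.openssh"   # fingerprint to compare later
```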
References:
- https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-linux-ssh-from-windows
- https://www.jeff.wilcox.name/2013/06/secure-linux-vms-with-ssh-certificates/
AWS:
- In AWS, the private key is saved in a .pem file. You just use the .pem file to connect to the instances.
- Ideally the .pem extension is for certificates, not for keys.
- This was one of my confusions – because AWS saves the key in the .pem file
Tip:
- Use ssh-agent to store private keys. Makes life much simpler!