6

I am trying to create linux VM with azure cli from local machine. I was able to create VM using following command but now when I want to ssh into the VM, I need to have public key on my local machine?

How can I get the required public key to connect to vm using ssh azureuser@publicIpAddress? Where are the ssh keys generated by --generate-ssh-keys and how to get it?

az vm create \
  --resource-group myResourceGroup \
  --name myVM \
  --image UbuntuLTS \
  --admin-username azureuser \
  --generate-ssh-keys

I used PowerShell 7.0 with elevated privileges to run the above command

Solved

Update 1:

  • SSH keys are generated in c:\users\.ssh\ when you use --generate-ssh-keys switch
  • If there are already file with name id_rsa & id_rsa.pub then it might be conflicting and you can use another switch --ssh-key-values /path/to/public/key to specify different file name
  • After that if you get Permissions for 'private-key' are too open error then follow steps mentioned here
Kundan
  • 1,394
  • 1
  • 13
  • 26
  • 1
    The keys are stored in the `~/.ssh` directory. [Generate keys automatically during deployment](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-keys-detailed#generate-keys-automatically-during-deployment) – Ash Jun 06 '20 at 08:13

2 Answers2

3

From MSDN for --generate-ssh-keys:

Generate SSH public and private key files if missing. The keys will be stored in the ~/.ssh directory.

Which will by default create a private id_rsa and public id_rsa.pub SSH key pair in the ~/.ssh directory if they don't exist. If you already have existing SSH keys in that location, it will just use those and not overwrite them.

On Windows this is the C:\Users\username\.ssh directory.

Additionally, you could also pass in a specific SSH public key path with --ssh-key-values:

az vm create \
  --resource-group myResourceGroup \
  --name myVM \
  --image UbuntuLTS \
  --admin-username azureuser \
  --ssh-key-values /path/to/public/key

This is particularly useful if you have created SSH keys in another location with ssh-keygen.

As @Ash pointed out in the comments, you could have a look at Generate keys automatically during deployment for more information.

RoadRunner
  • 25,803
  • 6
  • 42
  • 75
2

You can find it under

C:\Users\<<your-user-name>>\.ssh

When you create a VM for the first time you get the below message as well

SSH key files 'C:\Users\<<your-user-name>>\.ssh\id_rsa' and 'C:\Users\<<your-user-name>>\.ssh\id_rsa.pub' have been generated under ~/.ssh to allow SSH access to the VM. If using machines without permanent storage, back up your keys to a safe location.

For subsequent VM creations, the same key pair is used and you don't see the message again.

(I verfied using Windows OS, creating a linux VM with RedHat:RHEL:7-RAW:7.4.2018010506 image via Azure CLI)

Guru Pasupathy
  • 440
  • 1
  • 4
  • 13