Linux VM Access Simplified: Connect Securely with SSH Keys
Oluwatobiloba Akinbobola
Posted on November 7, 2024
Introduction
Securely connecting to cloud resources like Linux VMs can often feel complex, but SSH key authentication offers a smooth, password-free way to access your virtual machines. By eliminating passwords, SSH keys provide a major boost to security, protecting your VMs from common threats while simplifying access.
In the Azure portal, you will find quick links to all the tools you need to manage resources, configure services, and get started with secure SSH access in minutes. Using SSH keys lets you manage multiple machines with ease, making it the go-to method for both security and efficiency. In short, it is a smarter, safer way to connect.
Skill 1: Use the Azure portal to create a virtual machine
Steps to create and deploy a Linux virtual machine using the portal.
Sign in to the Azure portal: https://portal.azure.com.
Search and select
Virtual machines
.Click +
Create
, then selectAzure virtual machine
in the drop-down.
Click
Next: Disks >
, specify the following settings (leave others with their default values)
Click
Next: Management
> and check the following settings (leave others with their default values)Click
Next: Monitoring
> and specify the following settings (leave others with their default values)When prompted, select
Download private key and create resource
.
Wait for the deployment to complete, then select
Go to resource
.
From the Overview blade, ensure the virtual machine Status is Running.
Skill 2: Connect to the virtual machine and install OS updates
To establish a connection to the virtual machine via SSH. Network traffic must be permitted to port 22 to connect. After connecting, update the operating system and check for updates.
Continue in the portal on the virtual machine page.
On the
Overview
tab, in the top menu, selectConnect
andConnect
in the drop-down.
To view connection methods, select More ways to connect, and then select Native SSH. Note that port 22 is not set up for SSH access when you go over the SSH connection instructions. This needs to be enabled in order to continue. The Native SSH page should be closed.
As a virtual firewall, a Network Security Group (NSG) controls all incoming and outgoing traffic to Azure resources. By default, it blocks all other incoming traffic but permits access from load balancers and other virtual computers connected to the network.Choose
Network settings
from theNetworking
section. Take note of the NSG (Network Security Group) regulations.To allow port 22, select
SSH
in the Service drop-down, thenAdd
the rule.
To allow port 80, select
HTTP
in the Service drop-down, thenAdd
the rule.
Copy the public IP address for connecting to the virtual machine,
close
the Native SSH page,
open aCMD
window to run the SSH connection string.
At the prompt, use SSH to connect to the VM, including the correct key path and public_ip_address (e.g., c:\users\admin\downloads\VM1_key.pem). Type yes when prompted.
ssh -i 'c:\users\admin\downloads\VM1_key.pem' adminuser@public_ip_address
Ensure the command is successful and the prompt changes to adminuser@VM1.
- Get the list of OS updates that are available, then install them. To proceed, type "yes" when asked. Every command needs to be correctly completed.
sudo apt update
sudo apt upgrade
Keep the CMD window open, stay connected to the virtual computer, and move on to the next job.
Skill 3: Install and test the Nginx web service
At the CMD prompt, run each command individually to install Nginx, confirming with Y when prompted. Ensure each command completes successfully.
sudo apt install nginx
- Start the Nginx service.
sudo systemctl start nginx
- Configure Nginx to launch on boot. This is optional but good practice
sudo systemctl enable nginx
- Check to ensure the Nginx service is active (running).
service nginx status
- Open the Nginx welcome page by entering your virtual machine's public IP address, or visit
http://public_ip_address
in a browser.
curl -m 80 public_ip_address
Posted on November 7, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.