We can create SSH keys in the web interface by navigating to Compute, then Key Pairs and selecting Create Key Pair. Next, give the key pair name denoted by the variable KEY_NAME and save the downloaded $KEY_NAME.pem file to your home directory. Then, on the command line, move to the home directory, create .ssh directory with read, write and execute privileges for the user if it doesn’t exist, and move your key file into it.
mkdir -p ~/.ssh
chmod 700 ~/.ssh
mv $KEY_NAME.pem ~/.ssh
Next, protect the key with a password.
ssh-keygen -p -f ~/.ssh/$KEY_NAME.pem
Then, change the key to read-only.
chmod 400 ~/.ssh/$KEY_NAME.pem
We will use a virtual machine with the Ubuntu 20.04 operating system. We can launch a virtual machine by navigating to Compute, then Instances, and select Launch Instance. Set the following parameters:
novageniestandard.tiny1Boot from imageUbuntu-20.04$KEY_NAMEdefaultFinally, press Launch.
We can manage internet access to our virtual machine by defining security groups and associating them with the virtual machine. We can set up firewalls and security groups by navigating to Network, then Security Groups.
Let’s create a new security group by selecting Create Security Group and name it SSH. Then, select Manage Rules for the group and Add Rule with the following parameters:
Custom TCP RuleIngressPort22 (Default port for SSH connections.)CIDR<ip-address>/32Substitute <ip-address> with your IP address which you can find out from ifconfig.me. The number after the slash / is the CIDR Prefix. You can learn more about the CIDR subnet mask notation from the Netgate documentation.
Next, let’s create a security group named HTTP and add a rule with parameters.
Custom TCP RuleIngressPort80 (Default port for HTTP connections.)CIDR0.0.0.0/0Finally, let’s create HTTPS security group and add the rule with parameters:
Custom TCP RuleIngressPort443 (Default port for HTTPS connections.)CIDR0.0.0.0/0We can add security groups to a virtual machine by navigating to the Compute menu, then Instances, and in selecting Edit Security Groups from the menu next to Create Snapshot. We should add the SSH, HTTP, and HTTPS groups to our virtual machine. By including the SSH security group, we can connect to our virtual machine via SSH. Furthermore, by including HTTP and HTTPS security groups, we allow traffic from the internet to the web server and application deployed on the virtual machine.
Associating the virtual machine with a floating IP, that is, a public IP, allows users to connect to it with the methods we have set on the security groups. To create and associate a public IP, navigate to the menu next to Create Snapshot and select Associate Floating IP. Then, on the IP Address field, click the plus sign to allocate a new floating IP. Once allocated, select the created floating IP and press Associate. We denote the value of the floating IP as FLOATING_IP.