How to give other people access to an instance¶
These instructions will describe how to share direct ssh access to an instance with another person. Note that this process works for one instance user at a time (e.g.
Receive their public ssh key¶
The first step to allow another person access to an instance is to receive a public ssh key from them. If they're unfamiliar with creating ssh keys, or if they need to create a new pair specifically for this context, they can follow the relevant section in the Training Handout.
Once the person has generated their keypair, direct them to send you their public ssh key in a text file. The contents of public ssh key should have this form:
Public ssh keys can be transferred or shared. Public ssh keys should have the file extension
.pub and can be viewed by running
cat ~/.ssh/id_rsa.pub. Private keys should never be shared or transferred from the machine where they were generated. If you have any questions or concerns, please contact S3IT support.
Add the public key to the
Once you have received the public key from the person who will access the instance, you must add it to the
~/.ssh/authorized_keys file on your instance.
At any time, you can view the current contents of the
~/.ssh/authorized_keys file by running this command from your instance :
By default, the file will contain the public ssh key of the person who created the instance.
Option 1: Use ssh-copy-id from your client¶
You can use
ssh-copy-id to add a public ssh key for a user.
From Mac, Linux, or WSL on Windows:
ssh-copy-id -i ~/path/to/local/key.pub user@ipaddress
This will add the public ssh key to the server, stored as a new line in the file
Option 2: Use a terminal-based text editor from the server¶
Using a terminal-based text editor to edit the
authorized_keys file is also an option if you prefer a more manual approach.
First, it is suggested to make a backup of the
authorized_keys file, in case you make any errors during this process.
cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys_copy
To add a new public ssh key, and with the the
nano text editor, to open the
Each line of the
authorized_keys file is a public ssh key. The first line of the file that you see is the SSH key used when creating the instance. If there are any more lines, each is a public ssh key that has been added to the instance.
To add a new public ssh key, simply move the cursor to a new line and paste the desired public ssh key. When you are finished, exit the
nano editor with
CTRL+x. To confirm type
y + ENTER.
Before you close the connection, open a second connection to the instance to verify that you have not corrupted the
authorized_keys file. If you have any trouble establishing a new connection to the same instance, consider restoring the file from the backup copy:
mv ~/.ssh/authorized_keys_copy ~/.ssh/authorized_keys.
Verify a new public ssh key¶
Once you have added another public ssh key to the
authorized_keys file, they should be able to access the instance as described in the Training Handout.
To verify that the ssh login works with the new key pair, confirm that you can access your instance via ssh from a client:
ssh -i ~/.ssh/key user@ipaddress
Access to ScienceCloud virtual machines is, by default, restricted to users on the UZH campus networks or using the UZH VPN. If you need to grant access to an instance to an external collaborator who does not have access to the UZH VPN, please request a guest UZH account for them from your IT Coordinator.