Setup Azure Linux Public Key Authentication
In working with Linux VMs in Azure, there are a couple of ways to setup authentication. One being standard password authentication, and the other is Public Key Autentication. With Public Key Authentication, a key pair is generated. The public key is housed on the Azure Linux VM and the private key is used by the client to authenticate to the Linux VM. It is a highly secure means of authenticating as a user has to know two pieces of information if the key is secured with a password (recommended). First, they have to possess the private key file, and second, they have to know the password that is assigned to that private key. Let’s take a look at how to setup Azure Linux public key authentication.
Setup Azure Linux Public Key Authentication
First things first, we need to create a new Linux VM. Below we are spinning up a new Ubuntu Server 16.04 LTS VM. Under the Authentication Type we want to select SSH public key.
Generating the public key
How do we get the value to populate the SSH public key? We can use puttygen to do this for us. Let’s open up puttygen and create a public/private key pair. Putty Key Generator or puttygen has a unique way of generating the key. You generate randomness by moving the mouse in the blank area that is displayed in the app.
As you are moving the mouse, you will see the progress indicator moving from left to right as the key is generated by your movements.
Once complete, the public key is displayed in the interface. Notice also, you have the option to Save public key and Save private key. I would recommend saving both of these onto an encrypted drive, location, etc for security purposes. You will need the private key to establish the connection from your remote client. Also, make sure to populate the Key passphrase with a strong password. You will receive a prompt from the remote Linux VM asking for this passphrase upon connection with the private key.
Setting up Putty Connection to Azure Linux VM
To setup your putty connection, you need to obtain your public IP from the Azure portal. Then under your putty connection, scroll down to SSH >> Auth. Here we can browse to and select our private key.
Now, when we connect as you see below, we see that it is authenticating with the private key, and it is asking for the Passphrase for key which is the password that is setup during the public/private key generation.
Thoughts
Public/private key authentication is a great way to secure your Azure Linux VM. The process to Setup Azure Linux Public Key Authentication is not difficult at all and only takes minutes to get in place. It is a great way to make sure your Azure Linux VM has a strong authentication mechanism for remote connections.
