Mike Elissen

Need help creating SSH keys for NetStorage?

Blog Post created by Mike Elissen Champion on Sep 8, 2017

Need help creating SSH keys for NetStorage?


Procedure
1) Note what SSH keys Akamai NetStorage supports

  • NetStorage supports both RSA and DSA keys as long as the key length is less than 1,000 characters.
  • NetStorage does not support SSH protocol 1 keys (v1 keys). It only supports v2 keys.
  • RSA keys must be 2048 bits or fewer and DSA keys must be 1024 bits or fewer


2) Generate SSH keys using ssh-keygen or a similar tool that produces keys in the OpenSSH format. On a Linux machine, use the following command to generate the NetStorage SSH Key:

ssh-keygen -v -t rsa -b 2048 -C "Any text" -f netstorage_key

where, -C "Any text" refers to the comments that you can add for the key to help identify the usage of the key and
netstorage_key refers to the name of the NetStorage key that you wish to give.

  • An alternate method (applies to Windows users) is to use Puttygen, a GUI-based ssh key generating application which you can download for free.

 

When using this tool to generate your ssh key

  • Make sure you upload the OpenSSH version of the public key to NetStorage by copying the text under "Public key for pasting into OpenSSH authorized_keys file:"
  • Make sure you convert your private key to Open SSH format by clicking on the "Conversions" and selecting "Export Open SSH key"


Your public key should be in OpenSSH format as in the following examples:

 

RSA example key:

 

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAvLmfw5u9QTr5eBEiTiUPqkNsXGrAfV4yiNS
OYAXx4xvfuq7rRW0w4J4bkXkb7zK6k1BJqOPPKhDO5Xz6/P7j5fz/BGCKrCGDibNM+qKl
BUqjbnQ8ErFH8E0XNyL4Ssmk= user-comment

 

DSA sample SSH key:

 

ssh-dss AAAAB3NzaC1kc3MAAACBANnOss/pKL+W5JY1mL1kXslVIdTbFdQN/cW90
nHRDYeO2UOGSFKYkadean79B5COyk0zO1WrEgFVb62nZuDvthe3NFmcLnemnhu4+2
b5k7KBPMH+4WYap9287VKAqw0Qelew0gZSfH66MhZpyvRb5XRO3GOWVMVqaMc/y/9
UzPPHAAAAFQCU2RjQvaxo9H5U2fYZMsRpn3jGMQAAAIEAhAWu8zyXObfnCAiEg0TF
sdZNWYScvqybpvw4WmBnqrJj0CC3eaX8yDYK9SzZnXQRD0ALaV43p57WV2gYXGrX1
pcw2qwQ1xLfHJDlaJKplau+tXxCMp630ZuYWDNv0QSPvNKt3uNzAoXc7odWMiVUpX
dfmG54IMKryQmh6LFr1KkAAACAELkvOSBCtPoTA77lyywMwJmZ3oQ5moo9rCEAhro
4kzq/2gzJpVn2nZMmFQ8h3x+1DYMVGyNByU3S1j2VAvjR+BoxgeR3B1Tg+1+q+zL5
k+pLH3F2M1ZGMkYlWhmiifmv1cTo5qzsddgbOfnC/i6r37zpLEK0xIIJmX0L1f0ZO
Z8= user-comment

 

3) Upload your public (.pub) key to NetStorage via the Luna management interface. It normally takes about an hour for your new key to propagate.


Tips
If you have trouble using secure access with NetStorage, consider the following possible key issues:

  • Verify the key you uploaded to NetStorage is your public key, not your private key.
  • Ensure your public key lengths are 2048 bits or less for SSH-2 RSA and 1024 bits or less for SSH-2 DSA.
  • Make sure you're using a v2 key
  • Verify that your private key does not allow read/write permission to other users/group.
  • Make sure you DO NOT SHARE your password or keys especially via email.

Outcomes