docs: added documentation about setting up ssh-access

docs/ssh-access.md

@@ -0,0 +1,66 @@
+# 🔑 SSH Access & Connectivity Test
+
+RailianceHosts provisions Hetzner servers with your SSH key so you can log in securely (no passwords). Follow these steps to add your key and verify access.
+
+---
+
+## 1) Add your SSH public key to the repo
+
+Place your **public key** inside the repo so Terraform can register and inject it into new servers:
+
+```bash
+mkdir -p keys
+cat ~/.ssh/id_ed25519.pub > keys/admin_ssh.pub
+git add keys/admin_ssh.pub
+git commit -m "Add admin SSH public key"
+```
+
+> Use your actual public key file if different (e.g., `~/.ssh/id_rsa.pub`).
+
+---
+
+## 2) Provision a server
+
+Run Terraform (directly or via the Makefile helpers):
+
+```bash
+make tf-apply
+# or end-to-end:
+make apply
+```
+
+This creates the server(s) and injects your `keys/admin_ssh.pub` for the `admin` user.
+
+---
+
+## 3) Test connectivity
+
+After `tf-apply` finishes, note the server's IPv4 address from the output (or from Hetzner Console), then:
+
+```bash
+ssh admin@<server-ip>
+```
+
+If this is your first time connecting, accept the host fingerprint when prompted.
+
+Quick checks once connected:
+
+```bash
+# confirm you are the admin user
+whoami
+
+# confirm passwordless sudo (as configured by bootstrap)
+sudo -n true && echo "sudo OK" || echo "sudo requires password"
+
+# optional: firewall status
+sudo ufw status
+```
+
+---
+
+## 4) Troubleshooting
+
+- **Permission denied (publickey):** Ensure your public key is in `keys/admin_ssh.pub` before provisioning and that you’re using the correct private key (`ssh -i ~/.ssh/id_ed25519 admin@<ip>` if necessary).
+- **Different username:** The default user is `admin`. If you changed it in your inventory, use that username.
+- **Stale SSH known_hosts entry:** If you recreated a server, remove the old key: `ssh-keygen -R <server-ip>` and try again.
+- **Cloud-init delay:** Right after creation, allow ~30–60 seconds for first-boot cloud-init to finish and sshd to reload.