# 🔑 SSH Access & Connectivity Test RailianceHosts provisions Hetzner servers with your SSH key so you can log in securely (no passwords). Follow these steps to add your key and verify access. --- ## 1) Add your SSH public key to the repo Place your **public key** inside the repo so Terraform can register and inject it into new servers: ```bash mkdir -p keys cat ~/.ssh/id_ed25519.pub > keys/admin_ssh.pub git add keys/admin_ssh.pub git commit -m "Add admin SSH public key" ``` > Use your actual public key file if different (e.g., `~/.ssh/id_rsa.pub`). --- ## 2) Provision a server Run Terraform (directly or via the Makefile helpers): ```bash make tf-apply # or end-to-end: make apply ``` This creates the server(s) and injects your `keys/admin_ssh.pub` for the `admin` user. --- ## 3) Test connectivity After `tf-apply` finishes, note the server's IPv4 address from the output (or from Hetzner Console), then: ```bash ssh admin@ ``` If this is your first time connecting, accept the host fingerprint when prompted. Quick checks once connected: ```bash # confirm you are the admin user whoami # confirm passwordless sudo (as configured by bootstrap) sudo -n true && echo "sudo OK" || echo "sudo requires password" # optional: firewall status sudo ufw status ``` --- ## 4) Troubleshooting - **Permission denied (publickey):** Ensure your public key is in `keys/admin_ssh.pub` before provisioning and that you’re using the correct private key (`ssh -i ~/.ssh/id_ed25519 admin@` if necessary). - **Different username:** The default user is `admin`. If you changed it in your inventory, use that username. - **Stale SSH known_hosts entry:** If you recreated a server, remove the old key: `ssh-keygen -R ` and try again. - **Cloud-init delay:** Right after creation, allow ~30–60 seconds for first-boot cloud-init to finish and sshd to reload.