coulomb/railiance-infra
0
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
Files
90d4fbe83e8fa6f42ebaa1328b09ebca7f729ed5
railiance-infra/docs/ssh-access.md

67 lines
1.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 🔑 SSH Access & Connectivity Test
RailianceHosts provisions Hetzner servers with your SSH key so you can log in securely (no passwords). Follow these steps to add your key and verify access.
---
## 1) Add your SSH public key to the repo
Place your **public key** inside the repo so Terraform can register and inject it into new servers:
```bash
mkdir -p keys
cat ~/.ssh/id_ed25519.pub > keys/admin_ssh.pub
git add keys/admin_ssh.pub
git commit -m "Add admin SSH public key"
```
> Use your actual public key file if different (e.g., `~/.ssh/id_rsa.pub`).
---
## 2) Provision a server
Run Terraform (directly or via the Makefile helpers):
```bash
make tf-apply
# or end-to-end:
make apply
```
This creates the server(s) and injects your `keys/admin_ssh.pub` for the `admin` user.
---
## 3) Test connectivity
After `tf-apply` finishes, note the server's IPv4 address from the output (or from Hetzner Console), then:
```bash
ssh admin@<server-ip>
```
If this is your first time connecting, accept the host fingerprint when prompted.
Quick checks once connected:
```bash
# confirm you are the admin user
whoami
# confirm passwordless sudo (as configured by bootstrap)
sudo -n true && echo "sudo OK" || echo "sudo requires password"
# optional: firewall status
sudo ufw status
```
---
## 4) Troubleshooting
- **Permission denied (publickey):** Ensure your public key is in `keys/admin_ssh.pub` before provisioning and that youre using the correct private key (`ssh -i ~/.ssh/id_ed25519 admin@<ip>` if necessary).
- **Different username:** The default user is `admin`. If you changed it in your inventory, use that username.
- **Stale SSH known_hosts entry:** If you recreated a server, remove the old key: `ssh-keygen -R <server-ip>` and try again.
- **Cloud-init delay:** Right after creation, allow ~3060 seconds for first-boot cloud-init to finish and sshd to reload.
Reference in New Issue View Git Blame Copy Permalink