Frequently Asked Question

How to access a Virtual Machine with SSH?
Last Updated 7 months ago

1. Introduction

In this guide we access a virtual machine using OpenSSH from the commandline on Linux and Windows 10.

1.1. Requirements

SSH Keys

Before you continue, make sure that you have generated "SSH Keys" and sent your "Public Key" to your contact at EODC. If you haven't created your keys yet, please follow this guide:
How to create SSH Keys

Public IP, Floating IP and Private IP

The terms "Public IP", "Floating IP" and "Private IP" can be confusing. Here are some facts to lighten things up.

  1. A virtual machine with a "Public IP" is directly accessible from the outside world (e.g. from you personal computer)
  2. A virtual machine with only a "Private IP" is only accessible from the internal network (e.g. from another virtual machine inside the same network)
  3. A virtual machine with a Public IP also has a Private IP assigned to it.
  4. Every "OpenStack Project" has at least one virtual machine with a "Public IP" associated. This machine functions as a "Gateway".
  5. You can access internal virtual machines through the "Gateway" by using the "Proxy Jump Directive" as described later on.
  6. "Public IP" addresses are also called "Floating IP" addresses.

Please contact your administrator in case you need to know the IP address of the virtual machine you want to connect to.

1.1.2. On Linux

OpenSSH is installed by default on all Linux distributions.

1.1.3. On Windows 10

OpenSSH can be enabled on Windows 10 Version 1809 and higher. Follow this guide to enable it: How to install OpenSSH on Windows 10.

PLEASE NOTE: If you don't have a current Windows 10 installation or don't want to use the command-line, you can either use "MobaXterm" (recommended) or "PuTTY". See the follwing guides for more information:

2. Connect to your virtual machine

2.1. Connect to a Public IP

In your OpenStack Dashboard you will find at least one Virtual Machine with a "Public IP" address, also called "Floating IP".

If you don't have access to the OpenStack Dashboard please contact your administrator.

imageimage



This Machine functions as a "Gateway" through which you can access other virtual machines on the internal network. These machines have "Private IP" addresses and are not accessible from the outside world except through the "Gateway".

To access the gateway or any other machine with an public IP address associated, open a terminal and use following command.

ssh USERNAME@PUBLIC_IP

Replace "USERNAME" and "PUBLIC_IP" accordingly.

Example:

ssh ubuntu@192.168.20.123
The username depends on the operating system of your virtual machine. For Ubuntu use "ubuntu", for CentOS the username is "centos"

2.2. "Proxy Jump" to a Private IP

To access a virtual machine having only a "Private IP" you need to pass through the "Gateway". This is done by "Proxy Jumping" The "Gateway" is the virtual machine with a "Floating IP" address.

Info: The name of the "Gateway" may differ between projects. To keep things simple we will refer to the name "Gateway".
To access the desired virtual machine you will need the "Floating IP" address of the gateway as well as the "Private IP" of the machine you wish to connect to.

  • Open your OpenStack Dashboard and note down the "Floating IP" address of the "Gateway".

If you don't have access to the OpenStack Dashboard please contact your administrator.

  • Note down the "Private IP" of the virtual machine you wan't to access.
  • Open a terminal and use the SSH command with the "-j" option.

ssh -j USERNAME@PUBLIC_IP USERNAME@PRIVATE_IP
Replace "USERNAME","PUPLIC_IP" and ""PRIVATE_IP"" accordingly.

Example:

ssh -j ubuntu@192.168.20.123 centos@10.250.10.123

The username depends on the operating system of your virtual machine. For Ubuntu use "ubuntu", for CentOS the username is "centos"

2.2.1. Classic SSH Jumphost configuration

On older SSH Versions the "-j" option might not work. If that is the case you need to create a configuration file and save it as "~/.ssh/config".

A configuration like this will allow you to proxy through HOST A and reach HOST B.

Host host_a
  User your_username
  Hostname 192.168.20.123

Host host_b
  User your_username
  Hostname 10.250.10.123
  Port 22
  ProxyCommand ssh -q -W %h:%p host-a

Then use following command to access HOST B.

ssh host_b

Loading ...