Secure Shell (SSH) Connection Guide
There are some cases where a developer may need to log into a remote instance to do debugging or maintenance work, such as running a Rake task or using a Rails console. For such cases, a developer can log into a remote instance using SSH.
Before connecting to an instance via SSH, you'll have to upload your SSH Public key to JumpCloud.
If you don't yet have an SSH keypair, you can run the following command in your terminal:
$ ssh-keygen -t rsa -b 4096 -C "firstname.lastname@example.org"
After running this command, you'll have two files in
You'll want to copy the contents of your Public key (
~/.ssh/id_rsa.pub) to your Clipboard so we can save it to JumpCloud.
Security Warning: The
id_rsa file that is generated as part of this step is your
SSH Private key. Protect and treat this file with great care, as it is essentially your password to
log into any instances you have access to. Do not share or post this file anywhere else. If you need SSH access from multiple machines, it is best to generate a new SSH keypair for that machine
and upload the new SSH Public key as well.
Connecting via SSH
There are two ways of connecting to an instance through SSH:
SSH through the VPN
The first step to SSH'ing into an instance via the VPN is to open a VPN connection.
To connect to an instance you'll first need a private IP address of the instance you're
trying to connect to. The
workarea <env> instances command can help you out with this.
After you've got a private IP address and have opened a VPN connection, you'll use your Weblinc
username to SSH to an instance:
One feature of connecting through the VPN using a traditional SSH command is you retain the
ability to use traditional
ssh command line arguments and flags.
SSH through the CLI (using the VPN as a Bastian host)
To connect to an instance via the Bastian Host, you can use the
workarea <env> ssh command.
This is useful for quickly SSH'ing into an instance in a specific environment, without having to worry about opening a new or closing an existing VPN connection.
Using the CLI, you can choose to connect to an instance by hostname or private IP address.
For example, if the instance
10.99.16.102 is named
workarea staging ssh app1 will connect you to that instance without having to worry
about looking up the private IP ahead of time.
workarea <env> ssh command also supports SSH'ing to multiple
instances using csshX as well as fuzzy finding instance names.