When you create an Azure VM by specifying the public key, Azure copies the public key (in the. Other key formats such as ED25519 and ECDSA are not supported. Supported SSH key formatsĪzure currently supports SSH protocol 2 (SSH-2) RSA public-private key pairs with a minimum length of 2048 bits. Your public key can be shared with anyone, but only you (or your local security infrastructure) should have access to your private key. You do not need a separate pair of keys for each VM or service you wish to access. If the client has the private key, it's granted access to the VM.ĭepending on your organization's security policies, you can reuse a single public-private key pair to access multiple Azure VMs and services.
When you use an SSH client to connect to your VM (which has the public key), the remote VM tests the client to make sure it has the correct private key. The private key remains on your local system. We recommend connecting to a VM over SSH using a public-private key pair, also known as SSH keys. Although SSH provides an encrypted connection, using passwords with SSH connections still leaves the VM vulnerable to brute-force attacks. SSH is an encrypted connection protocol that provides secure sign-ins over unsecured connections. You can also use the Azure portal to create and manage SSH keys for creating VMs in the portal. To create SSH keys and use them to connect to a Linux VM from a Windows computer, see How to use SSH keys with Windows on Azure.
If you want quick commands rather than a more in-depth explaination of SSH keys, see How to create an SSH public-private key pair for Linux VMs in Azure.
This article shows you how to create and use an SSH RSA public-private key file pair for SSH client connections. With a secure shell (SSH) key pair, you can create a Linux virtual machine that uses SSH keys for authentication. Applies to: ✔️ Linux VMs ✔️ Flexible scale sets