Test Agent SSH keys¶
The SSH Access tab deals with SSH keys.
You can log in to a Test Agent via SSH by uploading an SSH public key to the Test Agent and then use your corresponding private key to set up an encrypted connection. The public key can be uploaded either from Control Center or from the Test Agent local console.
The tab has two sections:
SSH Keys: These SSH keys are managed by Control Center and are pushed to the Test Agent.
You add SSH keys by clicking the plus-sign button and entering the key. After the key has been installed on the Test Agent, SSH is automatically activated on that Test Agent once it comes online.
A yellow dot to the left of the SSH key name means that the SSH key has not yet been transferred to the Test Agent. Once the key has been transferred, the dot turns green.
You can delete an SSH key by selecting its checkbox, then clicking the trash can button. If you delete all keys, SSH is automatically deactivated on the Test Agent, unless one or more read-only SSH keys are left (see below). As the latter are not manageable from Control Center, the SSH capability will remain activated in that case.
SSH keys pushed from an API (REST or NETCONF/YANG) also end up in this category, so that they are manageable from Control Center.
Note
Any SSH key with one or more options specified will be rejected by the Test Agent, as will keys containing leading or trailing whitespace such as spaces or newlines. Such keys will nevertheless appear in the Control Center GUI, but will never become “green”.
SSH Keys (read-only): These SSH keys are managed locally on the Test Agent.
These keys are ones entered in the Test Agent local console, as described here, or via cloud-config (cloud-init). They cannot be deleted from Control Center.
How to generate and use SSH keys¶
Below is an example of how to generate an SSH key pair (key_file
and key_file.pub
).
$ ssh-keygen -t rsa -f key_file -b 4096 -C "test-agent-key"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in key_file.
Your public key has been saved in key_file.pub.
The key fingerprint is:
SHA256:w6gKxgzBDOKFDBmKp9+3Y3a437JOIUiM3/oNQac/a2s test-agent-key
The key's randomart image is:
+---[RSA 4096]----+
|Bo.. |
|Xo.o |
|++o o . . |
| + o + = |
|o o * S |
|+. . o + o |
|.+. + o.+ |
|.. . o==E+ |
| . o+OB+. |
+----[SHA256]-----+
$ ls key_file*
key_file key_file.pub
Now copy the contents of key_file.pub
and use it to create a public key either from Control Center or from the Test Agent local console.
Finally, use the private key to connect to the Test Agent, for example:
$ ssh admin@10.0.150.100 -i key_file