HAProxy ALOHA Load Balancer SSH public key access

Target network diagram

an-0048-en-ssh_public_key_access_page_1_image_0003_new

Context

The client uses SSH to get connected to the Aloha.

Client side configuration

Linux host

To do only if you don’t currently have a SSH key.

1. Generate the key pair with the command ssh-keygen –t rsa:

user:~$ 
ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
9a:1a:37:da:11:0b:9f:0e:fb:e8:b4:93:46:f8:3d:ec user@krusty
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|                 |
|    .. . S       |
|   . .o *        |
|    o++X         |
|    .=%+o        |
|    oB+E.        |
+-----------------+

Since our purpose is to get connected to the Aloha without typing anything, we don’t enter a passphrase.

Bear in mind that if somebody manage to steal your private Key, then he would be able to get connected to the Aloha too.

2. Upload your pubic key to the Aloha:

user:~$ scp .ssh/id_rsa.pub admin@192.168.0.100:/tmp/
admin@192.168.0.100's password:
id_rsa.pub 					100% 	393 	0.4KB/s 	00:00

ALOHA configuration

Get connected on the Aloha through SSH:

user:~$ ssh admin@192.168.0.100
admin@192.168.0.100's password:
admin@ALOHA1:~$

Get root access:

admin@ALOHA1:~$ root

Copy the user’s public key into authorized keys dir:

root@ALOHA1:~# cp /tmp/id_rsa.pub /etc/ssh/authorized_keys/admin

To add a key, just concatenate it to the end of the file:

root@ALOHA1:~# cat /tmp/id_rsa.pub >> /etc/ssh/authorized_keys/admin

SSH public key access

This application note is intended to help you access the Aloha load balancer through SSH using your public key.


Objective

Be able to remotely access the Aloha load balancer without typing a password.


Complexity

1


Versions

v3.6 and later