Generate and store SSH keys with the Azure CLI
Applies to: ✔️ Linux VMs ✔️ Windows VMs ✔️ Flexible scale sets ✔️ Uniform scale sets
You can create SSH keys before creating a VM and store them in Azure. Each newly created SSH key is also stored locally.
If you have existing SSH keys, you can upload and store them in Azure for reuse.
For more information, see Detailed steps: Create and manage SSH keys for authentication to a Linux VM in Azure.
For more information on how to create and use SSH keys with Linux VMs, see Use SSH keys to connect to Linux VMs.
Generate new keys
Start by preparing your environment for the Azure CLI:
You can use the local Azure CLI.
If you prefer, install the Azure CLI to run CLI reference commands.
Local Azure CLI, see how to install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
Sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
After you sign in, use the az sshkey create command to create the new SSH key:
az sshkey create --name "mySSHKey" --resource-group "myResourceGroup"
Note
This command would default to key type of RSA, in order to generate ED25519 keys you can pass in the optional flag
--encryption-type Ed25519
.The resulting output lists the new key files' paths:
Private key is saved to "/home/user/.ssh/7777777777_9999999". Public key is saved to "/home/user/.ssh/7777777777_9999999.pub".
Change the permissions for the private key file for privacy:
chmod 600 /home/user/.ssh/7777777777_9999999
Connect to the VM
On your local computer, open a Bash prompt:
ssh -identity_file <path to the private key file> username@<ipaddress of the VM>
For example, enter: ssh -i /home/user/.ssh/mySSHKey azureuser@123.45.67.890
Upload an SSH key
You can upload a public SSH key to store in Azure.
Use the az sshkey create command to upload an SSH public key by specifying its file:
az sshkey create --name "mySSHKey" --public-key "@/home/user/.ssh/7777777777_9999999.pub" --resource-group "myResourceGroup"
List keys
Use the az sshkey list command to list all public SSH keys, optionally specifying a resource group:
az sshkey list --resource-group "myResourceGroup"
Get the public key
Use the az sshkey show command to show the values of a public SSH key:
az sshkey show --name "mySSHKey" --resource-group "myResourceGroup"
Next steps
To learn more about how to use SSH keys with Azure VMs, see Use SSH keys to connect to Linux VMs.