In MAAS, an SSH key is a cryptographic key used to authenticate users for remote access to deployed machines. SSH keys allow for secure, passwordless login to machines provisioned by MAAS, enabling automated administration and secure system management.
Purpose in MAAS
SSH keys in MAAS serve several functions:
- enable passwordless authentication for remote access to deployed machines
- allow MAAS administrators to inject public keys into user accounts during deployment
- support multiple SSH keys per user for enhanced security and access control
- integrate with cloud-init to automate SSH key distribution on first boot
Scope and behavior in MAAS
- SSH keys are associated with individual MAAS users, not machines
- when a user deploys a machine, their SSH keys are automatically injected into the machine’s authorized keys file
- MAAS only manages public keys; private keys remain the user’s responsibility
- users can add, list, or remove their own SSH keys via the web UI, API, or CLI
Key considerations
- SSH key injection happens only at deployment; updating keys in MAAS does not modify running machines
- each MAAS user can store multiple SSH keys, which are applied to machines they deploy
- lost private keys cannot be recovered through MAAS; users must manage their own key security
- machines deployed without an injected SSH key require alternative access methods (e.g., console login)
Last updated 14 hours ago.