Deploying from a CI/CD server to an EC2 instance using an RSA SSH key involves a few steps. Here’s a general outline of what you need to do:
- Generate RSA SSH Key Pair (If Not Already Done): If you haven’t already, generate an RSA SSH key pair. This is usually done on your local machine or the CI/CD server. You can use a command like `ssh-keygen` to generate the keys.
- Locate the Public Key: Once you have your RSA SSH key pair, locate the public key. It’s typically named `id_rsa.pub` or something similar.
- Add the Public Key to EC2 Instance:
  - Access the EC2 Instance: Log into your EC2 instance.
  - Edit the `authorized_keys` File: On the EC2 instance, navigate to the `.ssh` directory of the user you’ll be logging in as (often `~/.ssh`). Inside this directory, there should be a file named `authorized_keys`.
  - Append the Public Key: Add your CI/CD server’s public SSH key to the `authorized_keys` file. You can do this by editing the file and pasting the key at the end.
- Configure the CI/CD Server:
  - Store the Private Key: On your CI/CD server, securely store the private key part of your SSH key pair. The method of doing this varies depending on your CI/CD platform (Jenkins, GitLab CI, GitHub Actions, etc.). Usually, you’ll store it as a secret or in a secure credentials storage.
  - Set up the Deployment Script: Your CI/CD pipeline should have a step for deployment which uses SSH to connect to the EC2 instance. In this step, you’ll use the stored private key for authentication.
- Configure Permissions and Security:
  - Ensure that your EC2 instance’s security group allows incoming SSH connections (usually on port 22) from your CI/CD server’s IP address.
  - Make sure the private key file on the CI/CD server is securely permissioned, typically with `chmod 600`.
- Test the Connection: Before implementing this in your CI/CD pipeline, test the SSH connection manually to ensure everything is set up correctly.
- Implement in CI/CD Pipeline: Once you’ve tested and confirmed the SSH connection works, implement the deployment step in your CI/CD pipeline. This will usually involve a script or set of commands that are executed to perform the deployment.
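
The deployment step described in the list above could look like the following shell script. It is an added example, not code from the original article; the environment variable names, the `run` argument and the remote `./deploy.sh` command are assumptions. It goes one step beyond the list by pinning the instance's host key, recorded during the manual connection test, so the pipeline refuses to connect to an unexpected host.

```shell
#!/bin/sh
# Added example. Assumed names: DEPLOY_SSH_KEY, DEPLOY_KNOWN_HOSTS,
# DEPLOY_TARGET, DEPLOY_COMMAND, SSH_BIN and ./deploy.sh are not from the page.

# Write a secret to a fresh temp file readable only by the current user
# (mode 600, matching the chmod 600 step) and print the file's path.
write_secret_file() {
    (
        umask 077
        f=$(mktemp) || exit 1
        printf '%s\n' "$1" > "$f" || { rm -f "$f"; exit 1; }
        printf '%s\n' "$f"
    )
}

# Run the remote deployment command over SSH, then delete the key material.
deploy() {
    : "${DEPLOY_SSH_KEY:?set to the private key stored as a CI secret}"
    : "${DEPLOY_KNOWN_HOSTS:?set to the known_hosts line from the manual test}"
    : "${DEPLOY_TARGET:?set to user@ec2-host}"

    key=$(write_secret_file "$DEPLOY_SSH_KEY") || return 1
    hosts=$(write_secret_file "$DEPLOY_KNOWN_HOSTS") || { rm -f "$key"; return 1; }

    rc=0
    # BatchMode: fail instead of prompting. IdentitiesOnly: offer only this key.
    # StrictHostKeyChecking=yes with a pinned known_hosts file: refuse to
    # connect if the instance's host key is not the one recorded earlier.
    "${SSH_BIN:-ssh}" -i "$key" \
        -o BatchMode=yes -o IdentitiesOnly=yes \
        -o StrictHostKeyChecking=yes -o UserKnownHostsFile="$hosts" \
        "$DEPLOY_TARGET" "${DEPLOY_COMMAND:-./deploy.sh}" || rc=$?

    rm -f "$key" "$hosts"
    return "$rc"
}

# Pipeline entry point: call the script with the single argument `run`.
if [ "${1:-}" = "run" ]; then
    deploy
fi
```

The private key only exists on disk for the duration of the SSH call, and a non-zero exit status from the remote command is passed back so the pipeline step fails visibly.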