Deploying from a CI/CD server to an EC2 instance using an RSA SSH key involves a few steps. Here’s a general outline of what you need to do:
- Generate RSA SSH Key Pair (If Not Already Done): If you haven’t already, generate an RSA SSH key pair. This is usually done on your local machine or the CI/CD server. You can use a command like
ssh-keygento generate the keys.
- Locate the Public Key: Once you have your RSA SSH key pair, locate the public key. It’s typically named
id_rsa.pubor something similar.
- Add the Public Key to EC2 Instance:
- Access the EC2 Instance: Log into your EC2 instance.
- Edit the
authorized_keysFile: On the EC2 instance, navigate to the
.sshdirectory of the user you’ll be logging in as (often
~/.ssh). Inside this directory, there should be a file named
- Append the Public Key: Add your CI/CD server’s public SSH key to the
authorized_keysfile. You can do this by editing the file and pasting the key at the end.
- Configure the CI/CD Server:
- Store the Private Key: On your CI/CD server, securely store the private key part of your SSH key pair. The method of doing this varies depending on your CI/CD platform (Jenkins, GitLab CI, GitHub Actions, etc.). Usually, you’ll store it as a secret or in a secure credentials storage.
- Set up the Deployment Script: Your CI/CD pipeline should have a step for deployment which uses SSH to connect to the EC2 instance. In this step, you’ll use the stored private key for authentication.
- Configure Permissions and Security:
- Ensure that your EC2 instance’s security group allows incoming SSH connections (usually on port 22) from your CI/CD server’s IP address.
- Make sure the private key file on the CI/CD server is securely permissioned, typically with
- Test the Connection: Before implementing this in your CI/CD pipeline, test the SSH connection manually to ensure everything is set up correctly.
- Implement in CI/CD Pipeline: Once you’ve tested and confirmed the SSH connection works, implement the deployment step in your CI/CD pipeline. This will usually involve a script or set of commands that are executed to perform the deployment.