Cloudera Docs

Managing SSH keys

A Power User can add and delete SSH keys for all users and machine users, and users can add and delete their own SSH keys. Once these SSH keys are uploaded and synced, they can be used to access workload cluster nodes. RSA or ED25519 keys are supported.

Required roles: All users can manage their SSH keys from the account management page. All users can manage their SSH keys from CDP CLI, but this action requires an API access key, which can only be generated by users with the IAMUser role. As a CDP administrator or PowerUser, you can manage the SSH keys for all user accounts.

Manage your own SSH keys

Steps

To add/delete an SSH keys via CDP web interface, click on your user name in the bottom left corner and then select Profile. Next, click on the SSH Keys tab.

  • To add an SSH key, click on Add SSH key, then provide a description, paste your SSH public key and click Save.
  • To delete click on Delete next to the SSH key that you would like to delete and then click Yes to confirm.

Once the SSH public SSH key is added and synced, the user to which the key is assigned can use a matching private SSH key to access workload cluster nodes.

You can manage your SSH keys by using the following CDP CLI commands:

cdp iam add-ssh-public-key
cdp iam list-ssh-publi-keys
cdp iam describe-ssh-public-key
cdp iam delete-ssh-public-key

Manage SSH keys for another user or machine user (admin only)

Steps

To add/delete an SSH keys via CDP web interface, navigate to the Management Console > User Management > Users > search for a user name > click on a user name > SSH Keys.

  • To add an SSH key, click on Add SSH key, then provide a description, paste your SSH public key and click Save.
  • To delete click on Delete next to the SSH key that you would like to delete and then click Yes to confirm.

Once the SSH public SSH key is added and synced, the user to which the key is assigned can use a matching private SSH key to access workload cluster nodes.

You can manage SSH keys for other users by using the following CDP CLI commands:

cdp iam add-ssh-public-key --actor-crn <value>
cdp iam list-ssh-publi-keys --actor-crn <value>
cdp iam describe-ssh-public-key --actor-crn <value>
cdp iam delete-ssh-public-key --actor-crn <value>