For each application, Acquia Cloud creates a Unix user account called the site user. An application’s Drupal or PHP code runs as a site user, and all of the application’s environments, including the Development, Staging, and Production environments, use this same account. If there are multiple applications on a single web server, Unix security permissions keep the applications isolated from one another because each application runs as a different Unix user.
To use SSH to sign in to your web server as the website user, you must register SSH public keys for your Acquia user profile which provides a more secure way of signing in to a virtual private server than using a password alone. You can add as many SSH keys as you want, all of which have their own nicknames to help you keep track of them. It is important to note that the SSH key nickname is not a Unix username; it only serves to help you identify your SSH keys. You must sign in to the server using the website user’s Unix username.
Note
If you use Git to manage your Drupal code, you must enable SSH to access your server.
To use SSH to access your server, you must meet the following requirements:
After you add the SSH key, it may take a few minutes until you can use it to access your server.
When you connect to an environment with SSH, your PATH and other environment variables are set up in exactly the same way as they are for web processes, cron jobs, and Cloud hooks. In particular, whichever version of PHP you have configured will be the first in the PATH, and therefore will be the default in your SSH browser session.
To use SSH to access your servers, use one of the following methods:
After you enable SSH access, you can access your application’s web servers using a command in the following form:
ssh [SSH address]
where [SSH address]
is your environment’s server name. To determine your
environment’s server name, complete the following steps:
The following list provides sample host names based on your subscription type:
srv-1.devcloud.hosting.acquia.com
(Acquia Cloud Professional)ded-1.prod.hosting.acquia.com
(Acquia Cloud Enterprise, single-tier)web-1.prod.hosting.acquia.com
(Acquia Cloud Enterprise, multitier)web-1.[realm].hosting.acquia.com
(Acquia Cloud Site Factory, replacing
[realm]
with your realm)As an example, the following command accesses the Staging environment of a
website named example
on the server named
srv-456.devcloud.hosting.acquia.com
:
Note
You can SSH into multi-tier web servers or single-tier servers; however, you
can’t SSH directly into Acquia Cloud Enterprise database servers. Database
servers generally have a server name that starts with fsdb
or
fsdbmesh
. For Acquia Cloud Enterprise applications, you can check the
Servers page in the Acquia Cloud interface to check the server type. If the
service for a server is listed as “Database”, you can’t SSH directly into it.
Windows users can use PuTTY, a free Telnet/SSH client for Windows, to open a window that allows command-line access to your files.
To install PuTTY on your computer, complete the following steps:
Download PuTTY to your computer.
To run the application, double-click the PuTTY icon.
Note
When you run PuTTY, enter the connection information for the server, or load a browser session previously configured to connect to your web server), and then click Open.
In Category > Session, in the Host Name (or IP address) field, enter the SSH address of the environment. You can find the SSH address for an environment in the Acquia Cloud interface, on the Servers page of the environment.
In Category > Connection > SSH > Auth, in the Private key file for authentication field, browse for the private SSH key file you saved on your computer.
In Category > Session, in the Saved Sessions field, enter a name for the server connection, and then click Save.
Use the session you created to connect securely to Acquia Cloud.
Note
If you receive the following warning: WARNING: REMOTE HOST IDENTIFICATION
HAS CHANGED!
, it may mean that your server has been relaunched.
For information about how to handle this warning message, see
SSH and RSA key warnings after a server relaunch.