Information for: DEVELOPERS   PARTNERS

Enabling SSH access

For each application, Cloud Platform creates a Unix user account called the site user. An application’s Drupal or PHP code runs as a site user, and all of the application’s environments, including the Development, Staging, and Production environments, use this same account.

To use SSH to sign in as the website user, you must first register SSH public keys for your Acquia user profile, which provides a more secure method of signing in than using a password alone. You can add as many SSH keys as you want, each with their own nicknames to help you track them.

Note

The SSH key nickname isn’t a Unix username. The nickname serves only to help identify your SSH keys. You must sign in using the website user’s Unix username.

Requirements

To use SSH to access your environment, you must meet the following requirements:

  • Have the appropriate permission. This means you must be a member of a team assigned to the application, and have a role that has SSH access.

  • Register an SSH public key in your Acquia profile, as described in Adding a public key to an Acquia profile.

    Note

    • After you add an SSH key, it may take Cloud Platform several minutes until you can use the key to access your environments.
    • The ssh-ed25519 key isn’t supported on Cloud Platform because it isn’t FIPS compliant.

Using SSH

When you connect to an environment with SSH, your PATH and other environment variables are configured exactly as they are for web processes, cron jobs, and Cloud hooks. In particular, whichever version of PHP you have configured will be the first in the PATH, and therefore will be the default in your SSH browser session.

To use SSH to access your environments, you can either use the ssh command line application, or if you’re a Windows user, you can use the PuTTY SSH client.

After you enable SSH access, you can access your application’s web servers using a command in the following form:

ssh [SSH address]

where [SSH address] is your environment’s server name. To determine your environment’s server name in the Cloud Platform user interface, view the environment’s SSH URL. You can find the SSH URL for an environment on the environment’s Overview page.

Windows users can use PuTTY (a free Telnet/SSH client) that provides a command-line access to your files.

To install and configure PuTTY on your computer, complete the following steps:

  1. Download PuTTY to your computer.

  2. Start the application.

    Note

    When you run PuTTY, either enter the connection information for your server or load a browser session previously configured to connect to your web server, and then click Open.

  3. Go to Category > Session, and in the Host Name (or IP address) field, enter the SSH address of the environment. For information about Cloud Platform environment servers, including their SSH addresses, go to the Servers page in the Cloud Platform interface.

  4. Go to Category > Connection > SSH > Auth, and in the Private key file for authentication field, browse for the private SSH key file stored on your computer.

  5. Go to Category > Session, and in the Saved Sessions field, enter a descriptive name for the server connection.

  6. Click Save.

You can now use the session you created to connect securely to Cloud Platform.

SSH and RSA key warnings

If you receive the following warning message when attempting to use your SSH key, it may indicate that your server has been relaunched:

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

For information about how to handle this warning message, see SSH and RSA key warnings after a server relaunch.