--- title: "Adding a public key to an Acquia profile" date: "2024-02-14T06:18:38+00:00" summary: "Learn how to add an SSH public key to your Acquia profile for secure access to Cloud Platform environments and Git repositories." image: type: "page" url: "/acquia-cloud-platform/adding-public-key-acquia-profile" id: "5c1e022b-309d-4fbd-985e-37d8dfa1adb6" --- Table of contents will be added To connect to Cloud Platform environments using SSH, you must have an SSH public key added to your Acquia profile. If you have the proper role and permissions as a member of a team, you can also [use your public key to SSH to environments](#ssh-using-key) of applications to which your team is assigned. You can also use your public key to access your Cloud Platform environments using SFTP or rsync, or your Git repository. If you do not already have an SSH key pair, you can [create a new public key](/acquia-cloud-platform/manage-apps/command-line/ssh/getting-started/generate). Your SSH public key must be at least 4,096 bits in size. Note Acquia supports only RSA user keys. To add a public key to your account: 1. On your local computer, use one of the following methods to copy your SSH public key file to the clipboard: * _Using a command_: Open a command prompt, and then run one of the following commands (based on your operating system): * _macOS_: `pbcopy < ~/.ssh/id_rsa.pub` * _Linux_: `sudo apt-get install xclip xclip -sel clip < ~/.ssh/id_rsa.pub` * _Windows (with GitBash)_: `clip < ~/.ssh/id_rsa.pub` * _Using a text editor_: In a text editor, open your SSH public key file, and then copy the contents of the file to the clipboard. Be sure not to add any extra lines or spaces to the copied key. Note By default, the file name is `~/.ssh/id_rsa.pub`. 2. [Sign in to the Cloud Platform user interface](/node/55875). 3. Click your user icon in the admin bar and click **Account Settings**. 4. Click **SSH Keys**. Cloud Platform displays your account’s SSH Keys page. 5. Click **Add SSH Key**. 6. In **SSH Key Name**, enter a descriptive name for the key you’re adding to the account, such as the name of the key’s owner. 7. In **Public Key**, paste the OpenSSH-formatted key. OpenSSH public keys start with `ssh-rsa`, and appear similar to the following example: ssh-rsa AAAAG1bB0us3MAAACBALFF6+dpSkO6bwbJ6BCCwbGavQPqR3JSwGWW== user@hostname 8. Click **Add Key**. You’ll receive an email informing that a key is added to your account. The email will have a subject line similar to the following: Acquia: An SSH key labeled [labelname] was added to your Acquia account. If you get a `'Permission Denied (publickey)'` error while cloning a repository, check that your user role in Cloud Platform has correct permissions for using SSH. Without appropriate permissions, you cannot utilize SSH. Verify your public key settings and ensure that they are correctly configured to resolve the issue. Note After you add a key, there might be a delay of approximately one minute before you can use the key to connect to your environments or repository. Using your public key --------------------- With your SSH public key added to your profile, you can use the key to access a Cloud Platform environment if you meet one of the following requirements: * You are a member of a team assigned to the infrastructure’s application, and you have a role that includes the appropriate SSH permissions. * You are either the _Owner_ or _Administrator_ for the application. Acquia provides the following permissions related to SSH keys: * Add SSH key to Git repository * Add SSH key to non-Production environments * Add SSH key to the Production environment If you have only the **Add SSH key to git repository** and **Add SSH key to non-Production environments** permissions, you can check code in and out of your application’s Git repository, and use SSH to connect to your application’s Development and Staging environments; however, you can’t connect to your application’s Production environment using SSH. To learn more about teams and permissions in Cloud Platform see [Managing users, teams, roles, and permissions](/acquia-cloud-platform/access/teams). Deployment keys and Cloud Platform ---------------------------------- Cloud Platform [does not support the use of deployment keys](/acquia-cloud-platform/known-issues#cloud-known-machine-keys) (_machine keys_) that are not associated with an individual user account. All SSH keys must be associated with a user account. Acquia recommends you [create a new user account](/acquia-cloud-platform/access/teams/members) (in addition to the user accounts of your team members) to store the SSH keys that grant your third-party deployment systems (such as Travis or Jenkins) push access to Cloud Platform. [Assign this user account a role](/acquia-cloud-platform/access/teams/roles) that includes the _Deploy code, files, or databases to the production environment_ permission, and then add the SSH public key to the new user account’s profile. Note Creating a separate account for your deployment keys protects your subscription from unexpected deployment failures if an employee leaves your organization and is removed from your Cloud Platform subscription. Related topics -------------- * [Getting started with SSH](/acquia-cloud-platform/manage-apps/command-line/ssh/getting-started) * [About Cloud Platform permissions](/acquia-cloud-platform/access/teams/permissions)