SSH Users and Keys

The Avi Controller and Avi Service Engines (SEs) use SSH for secure management communication. The communication falls into two categories, Controller-to-SE, and administrator-to-Controller. This article focuses on the former.

Controller-to-SE Communication

This requires an SSH user who exists on both the Avi Controller and the Avi SEs, and a copy of the SSH user’s public key on the Avi SEs. While SSH setup is automated for some installation types, such as installation into VMware with write access, other installation types require manual setup of these SSH resources:

Create SSH User

To create an SSH user on the Avi Controller, use the following steps.

Note: An SSH user and key that already exist can be used. They still must be added to the Avi Controller using these steps. When creating the user account, the existing key for the user can be added by copy-and-pasting it or by importing the key file.

  1. Navigate to Administration > User Credentials.
  2. Click on Create
  3. Enter the SSH user name (example: root) in the SSH User field.
  4. Click Generate SSH Key Value Pair to create a key pair for the user.
    sshuser-createNote: If the user already exists, you can add the user to Vantage by entering the user name on this dialog, selecting Import Private Key, and either copy-and-pasting or importing the key file.
  5. Click Save.

Download Public Key File

After creating an SSH user on the Avi Controller (using the steps above), the user’s public key can be downloaded from the Avi Controller:

  1. Navigate to Infrastructure > User Credentials.
  2. Click the download icon next to the row for the SSH user.