SSH Access to Your VMs
Learn how to connect to your Linux VMs using SSH for secure command-line access.
Prerequisites
- VM with SSH server installed
- VM's IP address
- SSH credentials (username/password or SSH key)
- VPN connection to TxCR
Finding Your VM's IP Address
Via Xen Orchestra
- Log into XO
- Click on your VM
- Look for IP addresses in the General tab
Within the VM (console)
# Show all network interfaces
ip addr show
# Or specifically for main interface
ip addr show eth0
Connecting via SSH
Linux / macOS
Open Terminal and connect:
Example:
First connection will ask to verify fingerprint:
The authenticity of host '10.50.1.100' can't be established.
ED25519 key fingerprint is SHA256:xxxxx.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Type yes and press Enter.
Windows
Option 1: Built-in OpenSSH (Windows 10/11)
Option 2: PuTTY
- Download PuTTY
- Run PuTTY
- Enter hostname/IP
- Port: 22
- Connection type: SSH
- Click "Open"
- Enter username and password
SSH Key Authentication (Recommended)
Generate SSH Key Pair
Linux/macOS:
ssh-keygen -t ed25519 -C "[email protected]"
Windows (PowerShell):
ssh-keygen -t ed25519 -C "[email protected]"
Save to default location and optionally set a passphrase.
Copy Public Key to VM
Method 1: ssh-copy-id (Linux/macOS)
ssh-copy-id [email protected]
Method 2: Manual
# Display your public key
cat ~/.ssh/id_ed25519.pub
# SSH into VM and add to authorized_keys
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "your-public-key-here" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Connect with Key
ssh -i ~/.ssh/id_ed25519 [email protected]
SSH Config for Easy Access
Create ~/.ssh/config:
Host txcr-vm1
HostName 10.50.1.100
User alex
IdentityFile ~/.ssh/id_ed25519
Host txcr-vm2
HostName 10.50.1.101
User admin
IdentityFile ~/.ssh/id_ed25519
Now connect simply:
ssh txcr-vm1
File Transfer via SCP/SFTP
SCP Examples
Copy file TO server:
scp localfile.txt [email protected]:/remote/path/
Copy file FROM server:
scp [email protected]:/remote/file.txt ./local/path/
Copy directory recursively:
scp -r local/directory [email protected]:/remote/path/
SFTP Session
sftp [email protected]
SFTP commands:
ls- list remote fileslls- list local filescd- change remote directorylcd- change local directoryget file.txt- download fileput file.txt- upload fileexit- quit
Troubleshooting
Connection Refused
Check:
- VPN is connected
- SSH service is running:
sudo systemctl status sshd - Firewall allows port 22:
sudo firewall-cmd --list-all - Correct IP address
Permission Denied
Verify:
- Correct username
- Correct password
- SSH key permissions (600 for private key, 644 for public)
- User account is not locked
Timeout
- Check VM is running
- Verify network connectivity:
ping 10.x.x.x - Check routing
Security Best Practices
✅ Do:
- Use SSH keys instead of passwords
- Disable root login
- Change default SSH port (optional)
- Use strong passphrases
- Keep SSH client/server updated
❌ Don't:
- Use weak passwords
- Share private keys
- Allow password authentication for root
- Expose SSH to untrusted networks
Disable Password Authentication
After setting up keys:
Edit /etc/ssh/sshd_config:
PasswordAuthentication no
PubkeyAuthentication yes
Restart SSH:
sudo systemctl restart sshd
Next Steps
- Account Management - User and password management
- VS Code Remote - Remote development
- Web Server Setup - Deploy applications
See also: FAQ | Troubleshooting