How do I generate an SSH key? (Mac)
Last updated
Last updated
As a first requirement, you will need to generate an SSH key. This key will be then installed in the Bastion host that will in turn give you access to the private RDS instance.
It's important you check you are in the right directory. This directory contains any other secret keys you may (or may not) have generated in the past.
This command will begin by asking you to give your certificate pair a name. Give it this name: atd_moped_rds
It's gonna ask you for a passphrase, do not enter a passphrase, just hit enter in your keyboard (and again if prompted). After this, you will see something like this.
From the picture above, notice the command generated two files atd_moped_rds (identification) and atd_moped_rds.pub (public key) as well as the permissions. In this document, these are only example files that have been removed, but in here I show you what they look like inside.
The private identification file atd_moped_rds. Again, I've deleted this file, but this one is important and it needs to remain private in your machine and you need to be wise not to share it with anyone.. Notice it has read/write access to YOU only, not other users and not other groups. This is what the file would look like:
This is what the public key (atd_moped_rds.pub) looks like, it is a lot shorter and a little bit more descriptive.
Ironically, this file is just as important and just because it's name says public it doesn't mean we can share it with anyone. It should only exist in the machine that will access the bastion host.
If you have done these steps, then we are ready to move to the next step.
Your identification file (the file without extension, not the .pub file) will need to be installed in the Bastion server, reach out via slack to either Sergio or Mateo and they will give you instructions on how to provide the file safely.
