The following ways are provided to access your server and files.


Warning: due to security reasons, we allow key based logins only

Your server is accessible trough SSH by default. We allow only key based logins as non privileged user (no root Login).

Generic devop user

On all servers, a user named devop is created by default. This user is required to execute the puppet-agent shortcut as long as there are no other services/users configured. Furthermore, this user belongs to the adm group which enable access to all system log files in /var/log/.

Shortcuts and sudo configuration

Depending on the installed services, some shortcuts are available to execute certain commands with root privileges. You will find a list of all shortcuts by typing help.

Key Handling

You can add global keys to your server like this:

      "key": "ssh-rsa AAAAB....."

Please use a valid contact address, so we are able to get in touch if something comes up.

Additionaly, you can add custom environment variables to those keys. They get applied on every SSH login:

        "EDITOR":              "/usr/bin/vi"
        "GIT_AUTHOR_NAME":     "Bob"
        "GIT_AUTHOR_EMAIL":    ""
        "GIT_COMMITTER_NAME":  "Bob"
      "key": "ssh-rsa AAAAB....."

Create SSH Key

  • use 4096 bit RSA Keys
  • encrypt with PKCS8
ssh-keygen -b 4096 -C -f ~/.ssh/id_rsa_tmp
openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa_tmp -out ~/.ssh/id_rsa
mv ~/.ssh/ ~/.ssh/
rm ~/.ssh/id_rsa_tmp

SSH client configuration

Add client configurations to /etc/ssh/ssh_config by setting the ssh::config hash:

  "Host":     "git"
  "HostName": ""
  "User":     "git"


use man ssh_config (online version) for available configuration options


After adding your publickey to the server, is it possible to connect over SFTP. We recommend to use one of the following clients:


To store your key in the memory and not having to enter the password for every connection - use pageant (Windows) or ssh-add it (Linux)


There is no FTP daemon installed by default. Please consider to use SSH/SCP when possible. If you really need access by FTP, follow the instructions on FTP Service.