Posted on 15.11.2022

New modern operating systems with improved security out of the box

Password strength has always been a concern for all internet-connected systems. Doubly so for any cloud servers with open service ports. If you’ve ever had a look at your Syslogs after deployment, many servers are immediately subjected to brute-force attacks straight from creation.

For the longest time, the best advice has been to disable password login and use SSH keys for authentication instead. Last year, we introduced one-time passwords for better security while highly recommending everyone move to the SSH-keys-only approach. Now with further changes coming with new operating system templates, it’s time to say goodbye to passwords!

SSH keys only going forward

Starting with the releases of the latest templates from Ubuntu, Alma and Rocky Linux, all new Cloud Server deployments are done with SSH keys only. Enabling password login at server creation is not available using these operating system templates. The following operating systems and any future versions can only be created with SSH keys:

  • Ubuntu 22.04 LTS
  • Alma Linux 9
  • Rocky Linux 9

When deploying one of these templates via your UpCloud Control Panel, you will notice only the SSH keys option is available. Consequently, the Metadata service needs to be enabled during deployment for adding the SSH keys to the server.

Similarly, if you are deploying a new Cloud Server using one of these templates via the UpCloud API, you will need to enable Metadata. The Metadata service can be disabled after server creation if not needed.

One-time passwords remain an option for older templates while available. If your service relies on password authentication, choose one of the other operating systems instead.

Janne Ruostemaa

Editor-in-Chief

GDPR, ISO 27001 and CISPE Code of Conduct: a guide to European compliance with UpCloud

Headquartered in Helsinki, UpCloud stands at the forefront of the European cloud infrastructure industry, rooted in Finnish traditions of technical and business excellence. Every customer who chooses to partner with us isn’t just selecting a cloud hosting solution; they’re placing their business, their confidence, and their aspirations in the hands of a certified Cloud Service […]

Announcements

Data Sovereignty

What is Private Cloud? Definition, architecture, and examples

Private cloud infrastructure emerged as a solution to some of the drawbacks of public cloud services. Although the private cloud has similarities to public cloud architecture, it distinctly provides a proprietary framework dedicated to a single organisation. Cloud services are agile and scalable, and many companies have already made the choice to move away from […]

Industry analyses

Long reads

The evolution of cloud servers in modern computing

Cloud computing has drastically changed how information technology (IT) professionals utilise technology. This infrastructure has enabled businesses to use online tools, platforms, and storage spaces, thereby reducing the costs and operational requirements of having a physical setup. Leveraging the cloud reduces costs in data storage, application execution, operations scaling, and more. Due to this and […]

Industry analyses

Long reads

Back to top