Create and install SSH Keys for Cluster Lockdown

Cluster lockdown is the ability to disable password-based CVM access and/or allow only key-based access.

Generate an RSA key pair from Linux

$ ssh-keygen -t rsa -b 2048

  • Public key available at ~/.ssh/id_rsa.pub
  • Private key available at ~/.ssh/id_rsa

Generate an RSA key pair from Windows

Use PuTTYgen

  1. Select the type of key to generate from the bottom of the screen (SSH-2 RSA with a 2048-bit key size is good for most people; another well-known alternative is ECDSA).
  2. Click Generate, and start moving the mouse within the window. PuTTYgen uses mouse movements to collect randomness, because the exact way you move your mouse cannot be predicted by an external attacker. You may need to move the mouse for some time, depending on the size of your key. As you move it, the green progress bar should advance.
  3. Once the progress bar is full, the actual key generation computation takes place. This may take from several seconds to several minutes. When it completes, the public key should appear in the window.
  4. Save (at least) the private key by clicking Save private key. It may be advisable to also save the public key, though it can be regenerated later by loading the private key (by clicking Load).

Cluster Lockdown


To add a new public key, click the New Public Key button and then do the following in the displayed fields:

  1. Name: Enter a key name.
  2. Key: Enter (paste) the key value into the field.
  3. Click the Save button (lower right) to save the key and return to the main Cluster Lockdown window.

There are no public keys available by default, but you can add any number of public keys.
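
Before pasting a value into the Key field, it is worth confirming that it is the public half of the pair and has the expected size. The following Python check is an added example, not part of the original post or of any Nutanix tooling; it assumes the key is in the one-line OpenSSH format of ~/.ssh/id_rsa.pub, and the function names and sample key are constructed for illustration.

```python
import base64
import struct

def _read_string(blob, offset):
    """Read one length-prefixed field (RFC 4251 'string') from the key blob."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def inspect_public_key(line):
    """Return (key_type, rsa_bits) for a one-line OpenSSH public key.

    rsa_bits is None for non-RSA keys. Raises ValueError for private keys
    or malformed input.
    """
    line = line.strip()
    if "PRIVATE KEY" in line or line.startswith("PuTTY-User-Key-File"):
        raise ValueError("this is a private key; never paste it")
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    declared, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except Exception as exc:
        raise ValueError("key body is not valid base64") from exc
    embedded, offset = _read_string(blob, 0)
    if embedded.decode("ascii", "replace") != declared:
        raise ValueError("declared type does not match key blob")
    if declared != "ssh-rsa":
        return declared, None
    _exponent, offset = _read_string(blob, offset)   # public exponent e
    modulus, offset = _read_string(blob, offset)     # modulus n
    return declared, int.from_bytes(modulus, "big").bit_length()

def _field(data):
    return struct.pack(">I", len(data)) + data

# Constructed sample: structurally valid ssh-rsa blob, NOT a usable key.
_N = ((1 << 2047) | 1).to_bytes(257, "big")  # 2048-bit value with mpint leading zero
SAMPLE = "ssh-rsa " + base64.b64encode(
    _field(b"ssh-rsa") + _field(b"\x01\x00\x01") + _field(_N)).decode() + " admin@example"

if __name__ == "__main__":
    print(inspect_public_key(SAMPLE))
```

To check a real key, pass the contents of ~/.ssh/id_rsa.pub to inspect_public_key and confirm the reported size matches the -b value used at generation.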
