Overview

This guide walks you through the steps to log in to your Beach instance via SSH. We assume that you have the following ready:

  • a Beach project with at least one instance
  • an SSH client (such as OpenSSH or Putty) and a personal SSH key pair

Behind the Scenes

Your Beach instance is in fact a group of Docker containers hosted in our cloud environment. This group usually consists of separate containers for webserver, PHP-FPM and a special container which runs an SSH server.

The containers of your instance are not directly accesible from the internet. Therefore, in order to log in to your instance, you first need to connect to our central SSH gateway. This kind of gateway is also called a "jump host", because it is an intermediate server which allows you to "jump" to another host, in this case your instance container.

SSH Keys

Before you can connect to an instance, you need to upload your SSH public key to your Beach profile. Once you did that, your SSH key will be granted access to all instances of all projects of all organizations you're a member of.

This is a good time to think about protecting your private key with a very good password or, that's what we do, with a Yubikey.

Connection Method #1: The Modern Way

If you are using OpenSSH 7.2 or newer, there's a nice and easy parameter just for jumping. You can check the version of your SSH client as easy as:

> ssh -V
OpenSSH_7.5p1, LibreSSL 2.5.4

Given you have a modern SSH client, all you need to do is copying the command from your instance's connection info (go to the details of your instance in the Beach user interface). It will look something like this:

ssh -J beach@ssh.flownative.cloud beach@instance-15b3b1ab-abed-2ad0-930b-db7a014c0599 

Copy and paste should do, and if everything's going right, you should be logged in to your instance:

beach@instance-15b3b1ab-abed-2ad0-930b-db7a014c0599-1351654560-jnz1v:/application$

Connection Method #2: The Configuration Way

If you did not get around upgrading to the latest SSH client version, you can still connect through the jump host.

Find your SSH configuration file (on most systems that will be ~/.ssh/config) and open it in your editor. Add the following entry at the end of the file:

Host instance-*
  User beach
  Hostname %h
  ProxyCommand ssh beach@ssh.flownative.cloud -W %h:%p 

Now you should be able to log in to your instance by using the new magical hostname:

ssh instance-15b3b1ab-abed-2ad0-930b-db7a014c0599 

Connection Method #3: The Super Convenient Way

Can't remember your instance identifier by heart? So can't we - and therefore what we at Flownative did for our own website is to add a special configuration section into our SSH client config:

Host www.flownative.com
  User beach
  Hostname instance-15b3b1ab-abed-2ad0-930b-db7a014c0599
  ProxyCommand ssh beach@ssh.flownative.cloud -W %h:%p

Now connecting to www.flownative.com is as easy as connecting to www.flownative.com:

ssh www.flownative.com