Impenetrable Server Access.
Zero Passwords Required.
Eliminate the risk of brute-force attacks and credential theft. Neviri's centralized SSH Key management allows you to inject cryptographic public keys directly into your Virtual Machines at launch, ensuring that only authenticated machines can access your critical cloud infrastructure.
The Mechanics of Cryptographic Trust
In the modern cloud landscape, relying on traditional passwords to protect administrative root access is a severe security liability. Automated botnets scan the internet continuously, launching relentless brute-force and dictionary attacks against exposed SSH ports.
SSH keys solve this vulnerability by utilizing asymmetric public-key cryptography. Instead of a single password, you generate a mathematical pair of keys: a public key and a private key. The public key can be freely shared and uploaded to the Neviri dashboard, while the private key is heavily encrypted and stored locally on your physical device.
When you attempt to connect to your Neviri Virtual Machine, the server challenges your local machine to prove it possesses the private key that mathematically corresponds to the authorized public key. Because the private key never traverses the internet, it cannot be intercepted, effectively rendering brute-force attacks mathematically impossible.
$ ssh-keygen -t ed25519 -C "admin@neviri"
Generating public/private ed25519 key pair.
Enter file in which to save the key:
/home/user/.ssh/id_ed25519
Private Key (Keep Secret)
Stays on your local machine, secured by a passphrase.
Public Key (Upload to Neviri)
Injected into your VM during the automated boot process.
Advanced Access Controls
Designed for developers and security teams. Manage access across your entire cloud fleet from a single, unified control plane.
Centralized Key Vault
Upload your public keys once to your Neviri account. They are securely stored in your personal vault, ready to be attached to any new infrastructure you deploy instantly.
Zero-Touch Injection
Select authorized keys during the VM creation process. Our orchestration layer injects them directly via cloud-init before the server even finishes booting.
Ed25519 & RSA Support
We support the most robust cryptographic standards. Utilize ultra-secure, fast-signing Ed25519 elliptic curve keys or traditional RSA keys up to 4096 bits.
Team Collaboration
Scaling a DevOps team? Easily attach multiple public keys to a single server deployment, granting secure root access to specific engineers without sharing credentials.
API Management
Automate your infrastructure security. Fully integrate SSH key management into your CI/CD pipelines or Terraform scripts using the comprehensive Neviri Cloud API.
Immutable Audit Logs
Maintain strict compliance. Every key uploaded, deleted, or injected into a server is logged in your account's activity dashboard for security auditing.
From Terminal to Cloud in Seconds
Implement zero-trust security architecture across your fleet effortlessly.
Generate Your Key Pair
Run a simple terminal command locally to generate a secure, mathematical key pairing. Keep the private key safe.
Upload Public Key
Copy the output of your public key file (.pub) and paste it into the secure SSH Keys vault in your Neviri dashboard.
Deploy & Connect
Select your key when spinning up a new Virtual Machine. Once live, connect instantly via SSH without typing a password.
Comprehensive SSH Key FAQ
Everything you need to understand about cryptographic authentication, cloud security postures, and managing access on Neviri.
An SSH (Secure Shell) key is an access credential that uses public-key cryptography to securely authenticate you with a remote server. It consists of two parts: a public key and a private key. The public key is placed on the server (like a lock), and the private key stays securely on your local machine (like a physical key). When you attempt to log in, the server uses the public key to create a cryptographic challenge that can only be solved by the corresponding private key. If your computer solves the challenge, access is granted—all without ever transmitting a password over the network.
Passwords are fundamentally vulnerable to brute-force attacks, dictionary attacks, and credential stuffing. A complex password might take years to crack, but it can still be stolen via phishing, keyloggers, or intercepted over insecure networks. SSH keys, specifically modern algorithms like Ed25519 or RSA-4096, contain vastly more entropy (randomness) than any human-memorizable password. Because the private key is never transmitted over the internet during authentication, it cannot be intercepted. Without the physical private key file on your local machine, an attacker cannot access your server, even if they know the server's IP address and username.
Neviri supports the most robust and modern cryptographic algorithms available today. We highly recommend using Ed25519, which is a public-key signature system based on elliptic curve cryptography. Ed25519 offers exceptional security, faster generation, and much shorter key lengths compared to older standards. We also fully support RSA keys with a minimum recommended bit length of 2048, though 4096-bit RSA keys are preferred for long-term security. Legacy algorithms like DSA and ECDSA are deprecated due to known cryptographic weaknesses.
It's seamless. First, you add your public key string to the Neviri SSH Key Vault in your dashboard. When you create a new Virtual Machine, you simply check the box next to the keys you want to authorize. During the provisioning process, our orchestration engine automatically injects the selected public keys directly into the `~/.ssh/authorized_keys` file of the `root` user (or default user) on your new VM via cloud-init. Once the server boots, you can log in immediately using your private key.
If you have already deployed a Virtual Machine, you can manage access by manually appending new public keys to the server's `authorized_keys` file via an active SSH session. Additionally, if your instance supports the Neviri agent, you can push new keys to the server directly from your control panel without needing to log in. Removing a key from the Neviri dashboard does not automatically delete it from running servers; it simply prevents that key from being injected into future deployments.
If you lose your private SSH key and password authentication is disabled on your Virtual Machine (which is the recommended security posture), you will not be able to log in via standard SSH. However, you are not permanently locked out. You can use the Neviri Web Console available in your dashboard, which provides out-of-band VNC/TTY access directly to the virtual machine. From there, you can log in using root credentials and add a new public key to your `authorized_keys` file to restore normal SSH access.
For team environments, you should enforce a strict 'one key per developer' policy. Never share private keys. Each developer should generate their own key pair and upload their public key to your team's Neviri organization. When provisioning infrastructure, you can select multiple public keys to inject into the server, granting access to the entire team. If a developer leaves the organization, you simply remove their specific public key from the servers, instantly revoking their access without impacting the rest of the team.
Ready to secure your infrastructure?
Create Your Account