These instructions explain how to set up an SSH connection to your DC/OS cluster from an outside network. If you are on the same network as your cluster or connected by using VPN, you can instead use the
dcos node ssh command. For more information, see the dcos node section of the CLI reference.
- An unencrypted SSH key that can be used to authenticate with the cluster nodes over SSH. Encrypted SSH keys are not supported.
SSH to your DC/OS cluster on Unix/Linux (macOS, Ubuntu, etc)
- Change the permissions on the
.pem file to owner read/write by using the
.pem file must be located in the
chmod 600 <private-key>.pem
- SSH into the cluster.
- From your terminal, add your new configuration to the
.pem file, where
<private-key> is your
Identity added: /Users/<yourdir>/.ssh/<private-key>.pem (/Users/<yourdir>/.ssh/<private-key>.pem)
- To SSH to a master node:
- From the DC/OS CLI, enter the following command:
dcos node ssh --master-proxy --leader
Tip: The default user is
core for CoreOS. If you are using CentOS, enter:
dcos node ssh --master-proxy --leader --user=centos
- To SSH to an agent node:
- From the DC/OS CLI, enter the following command, where
<mesos-id> is your agent ID.
dcos node ssh --master-proxy --mesos-id=<mesos-id>
Tip: To find the agent ID, select the Nodes tab in the DC/OS web interface and click Details.
SSH to your DC/OS cluster on Windows
- PuTTY SSH client or equivalent (These instructions assume you are using PuTTY, but almost any SSH client will work.)
- PuTTYgen RSA and DSA key generation utility
- Pageant SSH authentication agent
To install these programs, download the Windows installer from the official PuTTY download page.
- Convert the
.pem file type to
.ppk by using PuTTYgen:
- Open PuTTYgen, select File > Load Private Key, and choose your
Select SSH-2 RSA as the key type, click Save private key, then choose the name and location to save your new .ppk key.
SSH into the cluster.