Connect with SSH to Windows or Linux worker nodes for maintenance and troubleshooting

You may need to access Windows or Linux worker nodes in AKS on Azure Stack HCI for maintenance, log collection, or other troubleshooting operations. For security purposes, you'll need to create an SSH connection to access the Windows or Linux worker nodes. To SSH to the nodes, you sign in using the node's IP address.

This topic describes how to create an SSH connection to access both Windows and Linux nodes.

Connect to Windows worker nodes using SSH

To sign in to a Windows worker node using SSH, first get the IP address of your node by running kubectl get and capturing the EXTERNAL-IP value.

Note

You must pass the right location to your SSH private key. The following example uses the default location of %systemdrive%\akshci.ssh\akshci_rsa, but you may need to change this location if you requested a different path by specifying the -sshPublicKey parameter for Set-AksHciConfig.

To get the IP address of the Windows worker node, run the following command:

kubectl --kubeconfig=yourkubeconfig get nodes -o wide

Next, use ssh Administrator@ip to SSH in to a Windows node:

ssh -i $env:SYSTEMDRIVE\AksHci\.ssh\akshci_rsa administrator@<IP Address of the Node>

After you SSH in to the node, you can run net user administrator * to update your administrator password.

Connect to Linux worker nodes using SSH

To sign in to a Linux worker node using SSH, first get the IP address of your node by running kubectl get and capture the EXTERNAL-IP value.

Note

You must pass the right location to your SSH private key. The following example uses the default location of %systemdrive%\akshci.ssh\akshci_rsa, but you may need to change this location if you requested a different path by specifying the -sshPublicKey parameter for Set-AksHciConfig.

To get the IP address of the Linux worker node:

kubectl --kubeconfig=yourkubeconfig get nodes -o wide

Use ssh clouduser@ip to SSH in to the Linux node:

ssh -i $env:SYSTEMDRIVE\AksHci\.ssh\akshci_rsa clouduser@<IP Address of the Node>

After you SSH in to the node, you can run net user administrator * to update your administrator password.

Next steps