Skip to main content

SSH-only access

All VMs are SSH-only. Password authentication is disabled at the OS level. You connect using your SSH key — either a public key you registered or a managed keypair generated on the server.

No root login

Root login is disabled. All access is through the ubuntu user with full sudo privileges. Cloud-init randomizes the root password on every VM — even if root login were re-enabled, the password is unknown.

Key security

Public keys: Your private key never leaves your machine. machine0 only stores the public half. Managed keys: The server generates the keypair and returns the private key at creation time. The private key is saved locally with 0600 permissions. It can only be downloaded once — subsequent requests return only the public key. No keys on server by default. When you use a public key (the default), machine0 stores nothing that could be used to access your VM.

HTTPS endpoints

Every VM gets an HTTPS endpoint at https://<vm-name>.mac0.io, backed by a TLS certificate managed by machine0. This proxies to port 80 on the VM.

Network

Every VM gets a dedicated public IP. VMs are isolated from each other at the network level.