How to access your Managed VPS via SSH Keys
This guide explains how to create SSH keys using WHM and use them to securely access your Managed cPanel VPS via SSH. SSH keys enhance the security of your server by providing a more secure login method compared to passwords.
SSH keys are a secure and convenient way to access your VPS. They use a cryptographic key pair (private and public keys) to authenticate your login, eliminating the need for passwords.
Log in to WHM as the root user.
Navigate to Home > Security Center > Manage root’s SSH Keys.
Click on Generate a New Key.
Fill out the following fields:
- Key Name: Leave blank to use the default name ( id_rsa), or specify a custom name.
- Key Password: Enter a strong password to secure your private key. This is also known as the key passphrase. Confirm it in the next field.
- Key Type: Select RSA (recommended).
- Key Size: Choose 2048 or 4096 for stronger encryption.
Click Generate Key. WHM will create the key pair and display a confirmation message.
After generating the key, go back to the Manage root’s SSH Keys section.
Locate the public key you just created in the list.
Click Manage Authorization next to the key.
Click Authorize to allow the server to accept the key for SSH access.
In the Manage root’s SSH Keys section, locate the private key associated with your public key.
Click View/Download Key.
Copy the key to a file on your local machine or download it as a file.
- Save the contents to Private Key id_rsa (OpenSSH format) to a .pem file or if plan to use PuTTY enter the password/passphrase and click Covert.
Install PuTTY:
- Download PuTTY from the official website.
Configure PuTTY:
- Open PuTTY and enter your server’s IP address in the Host Name (or IP address) field.
- Enter the SSH port (default 22). Please contact support or refer to the welcome email for our custom SSH port.
- Go to Connection > SSH > Auth.
- Click Browse and select your .ppk file.
- Return to the Session category, give the session a name, and click Save.
Connect to the Server:
- Click Open to initiate the connection.
- If prompted, accept the server’s fingerprint.
- You should now be logged in as the root user.
Open a terminal.
Ensure the private key file ( .pem) has secure permissions:
Connect to your server
If prompted, confirm the server’s fingerprint.
Once you have confirmed that your SSH keys are working correctly and you can log in without issues, follow these steps to enhance server security by disabling password authentication:
Log in to WHM as the root user.
Navigate to Home > Security Center > SSH Password Authorization Tweak.
Check the current status: If Password Authentication is enabled, it’s recommended to disable it.
Select the option to disable password authentication and save your changes.
Tip: Disabling password authentication ensures that only users with authorized SSH keys can access your VPS, significantly improving security. Ensure that you have tested and confirmed SSH key-based access before disabling passwords.
If you need assistance with these steps, feel free to reach out to our support team or email helpdesk@elitehost.co.za
Why Use SSH Keys?
SSH keys are a secure and convenient way to access your VPS. They use a cryptographic key pair (private and public keys) to authenticate your login, eliminating the need for passwords.
Step 1: Generate an SSH Key Pair in WHM
Log in to WHM as the root user.
Navigate to Home > Security Center > Manage root’s SSH Keys.
Click on Generate a New Key.
Fill out the following fields:
- Key Name: Leave blank to use the default name ( id_rsa), or specify a custom name.
- Key Password: Enter a strong password to secure your private key. This is also known as the key passphrase. Confirm it in the next field.
- Key Type: Select RSA (recommended).
- Key Size: Choose 2048 or 4096 for stronger encryption.
Click Generate Key. WHM will create the key pair and display a confirmation message.
Step 2: Authorise the Public Key
After generating the key, go back to the Manage root’s SSH Keys section.
Locate the public key you just created in the list.
Click Manage Authorization next to the key.
Click Authorize to allow the server to accept the key for SSH access.
Step 3: Download the Private Key
In the Manage root’s SSH Keys section, locate the private key associated with your public key.
Click View/Download Key.
Copy the key to a file on your local machine or download it as a file.
- Save the contents to Private Key id_rsa (OpenSSH format) to a .pem file or if plan to use PuTTY enter the password/passphrase and click Covert.
Step 4: Access Your VPS Using SSH Keys
Using PuTTY (Windows)
Install PuTTY:
- Download PuTTY from the official website.
Configure PuTTY:
- Open PuTTY and enter your server’s IP address in the Host Name (or IP address) field.
- Enter the SSH port (default 22). Please contact support or refer to the welcome email for our custom SSH port.
- Go to Connection > SSH > Auth.
- Click Browse and select your .ppk file.
- Return to the Session category, give the session a name, and click Save.
Connect to the Server:
- Click Open to initiate the connection.
- If prompted, accept the server’s fingerprint.
- You should now be logged in as the root user.
Using SSH Client (Linux/macOS)
Open a terminal.
Ensure the private key file ( .pem) has secure permissions:
chmod 600 /path/to/private-key.pemConnect to your server
ssh -i /path/to/private-key.pem root@your_server_ipIf prompted, confirm the server’s fingerprint.
Step 5: Disable Password Authentication (Optional but Recommended)
Once you have confirmed that your SSH keys are working correctly and you can log in without issues, follow these steps to enhance server security by disabling password authentication:
Log in to WHM as the root user.
Navigate to Home > Security Center > SSH Password Authorization Tweak.
Check the current status: If Password Authentication is enabled, it’s recommended to disable it.
Select the option to disable password authentication and save your changes.
Tip: Disabling password authentication ensures that only users with authorized SSH keys can access your VPS, significantly improving security. Ensure that you have tested and confirmed SSH key-based access before disabling passwords.
If you need assistance with these steps, feel free to reach out to our support team or email helpdesk@elitehost.co.za
Updated on: 11/12/2024
Thank you!