What are SSH keys?
SSH keys allow users to SSH to servers with a more secure method rather than having to rely on passwords alone. Passwords can be brute forced, given out, or found out. SSH keys allow users to store a private key on their local machine, and a public key on their Cloud Server letting them SSH to their Cloud Server without the need for passwords. A SSH key pair consists of a public key and a private key. You can upload your public key on any server, but should keep your private key stored in a protected place preferably with a passphrase.
Create a Key Pair
To create a key pair, you will want to open a terminal on your local machine and run the following command:
ssh-keygen -t rsa
- rsa is currently the default for ssh-keygen. There are other options including:
* ed25519 (32-byte keys using the ECC Edwards 25519 curve by <djb>) * ecdsa (NIST-approved ECC version of DSA) * rsa (default) * dsa (DSA algorithm- not recommended)
Store Your Keys
When you run the ssh-keygen command, you will be asked a few more questions like where to store the key.
Enter file in which to save the key (/home/<user>/.ssh/id_rsa):
Next you can create a passphrase for the Key Pair that will be required when they are used. You will want to remember this passphrase, or store it in a safe place. It is up to you if you wish to use one, however XMission strongly recommends that you do. SSH key passphrases prevents the ability to use your local machine against you if it were stolen or if an unauthorized user attempted to SSH.
- If you have followed the above steps, you should see the following:
user@webserv:~# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /user/.ssh/id_rsa. Your public key has been saved in /user/.ssh/id_rsa.pub. The key fingerprint is: b6:63:38:16:ff:8f:cd:fa:b8:a8:23:d1:2e:5c:d5:7e firstname.lastname@example.org The key's randomart image is: +--[ RSA 2048]----+ | | | | | . | | . . | | ...S. | | . o= .. E | | . ++ = . | | +.oo + = | | o.o. *== | +-----------------+
- You will now see that the public key that you will want to send to your Cloud server is stored in "/user/.ssh/id_rsa.pub"
Send Your Key
After you have created your SSH Key Pair you will want to send your public key to your Cloud Server. You can do this with a simple SSH copy command, or copy and pasting your key into the Cloud Servers ~/.ssh/authorized_keys
ssh-copy-id websites@<your server IP address> ssh-copy-id email@example.com
You should see a prompt telling you it was successful and that you may now SSH to that server. Now you will not be prompted for a password! If you decided to store your key with a passphrase, you will be required to enter it.
Cloud Hosting Control Panel - https://xmission.com/account/
- Your Servers - VPS Manager
- Configure Resources - Your Server Resources
- Manage - Your Cloud Hosting Panel
- Wordpress Installation - How to install Wordpress to your website
- Domain Redirects - How to direct website traffic to another domain
- Nginx Proxy
- PHP Settings - How to add customer PHP settings
- PHPMyAdmin - How to access your Databases
- DNS - Add or Remove DNS
Additional Tasks and Information
- How Secure Web (SSL) Works
- Domain Transfer and Redemption
- Password Protecting a Directory With ".htaccess"
- Uploading Website content
- Two-Factor Authentication
- Logs and Troubleshooting Tips
- Command Line Login
- Creating Scheduled Jobs with Crons
- MySQL Import and Export
- Default Cloud Server PHP Info
- Host Files
- SSH Keys
- Unmanaged Server Security