SSH keys add another great layer of security for logging to your server without a password. Unlike username/password combination, RSA keys encrypt data sent from your server making your connection more secure and less prone to hackers.
These keys are hard to guess because they rely on difficult mathematical formulas and even the most resourceful hackers can’t break them by brute-force method.
To use the technology, you keep the public key on your web hosting server and a private key on your computer. Data sent is encrypted using the public key and it is only you who can decrypt it because you have the private key.
You can even enhance the level of security on your server by adding a passphrase to your private key just in case it gets into the wrong hands.
It is advisable to use SSH keys every time you to log to your web hosting server. In this guide, we will show you how to generate a private/public key pair and use the same to log to your hosting account.
Special Note: a key part of hosting security is to use a secure, trusted hosting service provider. With HostAdvice you can browse, read real user reviews and scores, and choose from among the most trusted and best web hosting services.
- A domain name e.g. www.example.com
- A web hosting account that supports Cpanel
- Cpanel username and password.
Step 1: Log to your Cpanel Account
Navigate to your cPanel account by typing the primary domain name associated with your hosting account followed by ‘/cpanel’. For instance, if your domain name is ‘www.example.com’, type the text shown below in your browser:
Next, enter your cPanel Username and password to log in to your account:
Step 2: Search for SSH on the search box
Next, search for ‘SSH’ on the search box and click on the ‘SSH Access’ key as shown below:
Next, click on Manage SSH Keys on the next screen:
Step 3: Generate a New Key
Click on ‘Generate a New Key’ under Manage SSH Keys;
You have to enter an RSA ‘Key Name’ and password (or passphrase). Leave the other details intact as shown below and click on ‘Generate Key’
Your keys will be successfully generated and saved under the
‘/home/<your_account_username>/.sshdirectory. Click on the ‘Go back’ button.
Step 4: Authorizing the public key
You will be taken back to the keys management page, scroll down and locate the public key you have generated above under ‘Public Keys’, then click on ‘Manage’
Click ‘Authorize’ to activate the key on the next screen and then click on ‘Go Back’
Step 5: Download your private key
Once you get back to manage keys page, scroll down to find your private key under ‘Private Keys’ list. Remember, as we mentioned above, the public key is left on the server and the private key is kept on your local computer. So, you need to download the private key by clicking on the View/Download link alongside your private key as shown below:
On the next screen, you will see your private key. However, you need to enter a passphrase that you entered when you created the key to convert it to ‘.ppk’ format. This is the most widely acceptable format.
Your private key is now ready for use. Download the private key by clicking the ‘Download’ button at the bottom of the screen.
Step 6: Testing the SSH
In most cases, you will be managing your website from an FTP client like Filezilla. You can now use the private key that you have downloaded above together with your FTP username to log to your web hosting server.
Also private/public keys use SFTP protocol and you have to select this from your FTP client. Then, select the login type as ‘Key file’ and locate your private key by clicking on the ‘Browse’ button.
Then, click on the ‘Connect’ button as shown below:
In case you get a connection problem, confirm from your hosting provider if they have changed the default SFTP ports for your server.
In this guide, we have shown you how to generate, activate and use SSH keys to access your web hosting account via an FTP client. This is the most secure way of managing your web hosting account if you want better security for your server. We hope you will take this step to safeguard your server from possible attacks from hackers.