Log In

SSH Keys

Updated on 17 April 2024

You can use SSH keys to securely connect to servers. For your convenience, it is possible to save the SSH keys in the control panel and later use them when creating new cloud servers.

Add an SSH key to a new server

When creating a new server, in the Authorization section, click Add key. Select one of the existing SSH keys or add a new one.

The SSH key will be automatically added to the server and the control panel so you can reuse it later.

Image4

Add an SSH key to an existing server

If the server already exist, you can still add SSH keys to it via the Hostman dashboard. 

  1. Go to Cloud servers and click on the server you need.

  2. In the Access tab, click Change next to SSH keys

085c3134 2976 4769 8083 Beb7be162079

  1. Select one of the SSH keys already saved in the control panel or add a new one.

The key will be added to the server automatically in a couple of minutes without rebooting.

Add an SSH key to your Hostman dashboard

You can also add SSH keys to the control panel without linking them to any server yet.

  1. Go to the SSH keys section of your control panel and click Add SSH key.

  2. Paste the key and enter its name to be displayed in the control panel.

  3. Mark the key as default, if necessary. The default SSH key will be automatically added to new servers. 

  4. Click Add.

Image1

The key will be displayed in the list of SSH keys and will be available for selection when creating a new server and reinstalling the OS.

Set a default SSH key

To have a specific key selected when a new server is created, check the Select this SSH key by default when creating a new server checkbox. This can be done when adding a new SSH key to the panel as well as in the settings of an already existing SSH key.

Image2

Delete an SSH key

To delete an SSH key:

  1. Go to the SSH keys section.

  2. Click on the three dots and select Delete SSH key.

Image2

How to create SSH keys?

Follow these steps to create an SSH key pair on your local machine.

This guide will work for Linux, MacOS, and the newer versions of Windows 10 starting from 1809, which have a built-in SSH client. If you have an older version of Windows, you will need to use an SSH client such as PuTTY.

  1. Launch a terminal or Windows PowerShell on your computer and run the command:

ssh-keygen

  1. You will see a similar message:

Generating public/private rsa key pair.

Enter file in which to save the key (/home/user/.ssh/id_rsa):

  1. Press Enter to save the key to the default directory.

  2. Next, set a passphrase or press Enter to leave it blank. Using a passphrase increases security, but you will have to enter it every time you log in to the server.

That’s it; the keys are created. 

The private key will be stored on your machine, while the public key should be copied to the server. This can be done manually or, more conveniently, by using your Hostman control panel as described above.

How to create SSH keys with PuTTY?

Old Windows versions don’t have OpenSSH, so you'll need a special program, PuTTYgen. You can download the puttygen.exe distribution from the official PuTTY website.

  1. Launch the program.

  2. Select RSA in the Type of key to generate block and click Generate.

  3. Move your mouse randomly in the space below the loading line to generate random values.

  4. After the key is created, you can set the Key passphrase. This is optional; you can leave the line blank. If you choose to set a passphrase, please note that you will need to enter it each time you log in using the key.

  5. Next, save the created keys by clicking on the Save public key and Save private key buttons, for example, as id_rsa.pub and mykey.ppk.

  6. Also, copy and save the contents of the Public key for pasting... window as a text file, as you will need them later when copying the SSH key to the server or the Hostman panel.

You can transfer the public SSH key to the server manually or via Hostman control panel, as described above.

How to copy an SSH key to the server?

Run the following command on your local computer's terminal. In place of user, enter a username created on the server, and in place of server, enter the server IP address.

Linux and MacOS

ssh-copy-id user@server

For example:

ssh-copy-id root@38.62.228.244

Windows

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh user@server "cat >> .ssh/authorized_keys"

For example:

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh root@38.62.228.244 "cat >> .ssh/authorized_keys"

As a result, the contents of the id_rsa.pub file with the public key will be copied to the ~/.ssh/authorized_keys file on the server, and in the future, you will be able to establish a connection to the server using the command:

ssh user@server

For example:

ssh root@38.62.228.244

Windows (with PuTTY)

On older Windows versions, you will need the pageant utility to copy the SSH key to your server. You can download the pageant.exe distribution from the official PuTTY website.

  1. Connect to the server via SSH via Putty and run the command to create a file on the server to store keys:

chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys

  1. Open the file:

nano ~/.ssh/authorized_keys

  1. Paste the text public key, previously copied from the PuTTYgen window, into it and save the file.

  2. Launch pageant. Its icon will appear in the tray. Right-click on it and select Add Key.

  3. Enter the path to the private key mykey.ppk, saved earlier, and click Open. If you added a passphrase when creating the key, pageant will ask for it at this stage.

To check that key authorization works, run PuTTY, connect to your server, and enter your login. If everything is configured correctly, you will see an output similar to this in the console window:

Authenticating with public key "rsa-key-20151220" from agent

How to disable password authentication?

You can disable password authentication on your server to ensure that it can only be accessed with the SSH key. To do this, you need to edit the /etc/ssh/sshd_config file on your server.

  1. Connect to the server via SSH and open the file with the command:

sudo nano /etc/ssh/sshd_config
  1. Find the PasswordAuthentication line in it and replace its value with:

PasswordAuthentication no

  1. Save the changes, then restart the SSH service:  

sudo service ssh restart

 

Was this page helpful?
Share