Using Public Key Authentication with SSH

What is Public Key Authentication?

Public key authentication uses a public and a private key when connecting to a server for added security. Public and private key are similar to a puzzle. They are created together to use during the login/authentication process. The public key resides on the server (the remote location) The private key resides locally on your computer/server. When you attempt to login to a server, the public and private key are compared. If they “match”, then you will be allowed to login to the server location.

 

Why does Public Key Authentication benefit me?

Public Key Authentication keeps the server that your site(s) is(are) on more secure. No longer can your password to access the server be guessed or cracked by hackers. Now, to access the server, both your private key, and a password are needed. Even if someone knows your password, they will need to obtain your private key to gain access. Wthout the private key, they cannot access the server.

This also holds true with everyone else on the server. Now, all their accounts are more secure as well. This reduces the risk of server wide problems and will keep your account and the whole server more secure.

 

How do I use Public Key Authentication?

Using Public Key Authentication is simple. To use public key authentication, you’ll need to complete the following steps:

1) Create a Public / Private key pair: All public and private keys come in pairs and only the 2 keys in the pair can be used together. You’ll need to create a key pair to access the server. To do so, go to your cPanel interface, then to SSH/Shell Access, and then to Manage SSH Keys:

  • Click on Generate a new Key.
  • Give the key a name, for example: john_smith_private_key
  • Add a password to secure your key.
  • Select DSA.
  • Select 4096.
  • Click on Generate Key. (This may take a few minutes)

 

2) Authorize your keys

Once a key pair is created, you’ll need to authorize it for use. To do so:

  • Navigate to the Manage SSH Keys section.
  • Click on Manage Authorization next to the key you wish to use.
  • Click on Authorize.

 

3) Download your private key

  • Navigate to the Manage SSH Keys section.
  • Click on View/Download next to the private key you wish to use.
  • Click on Download Key.
  • Save this key on your hard drive and do not give it out to anyone!

 

4) Configure your SSH Program

To do this, you’ll need to read the instructions in your ssh program of choice. If you are using PuTTy, you’ll need to use the conversion tool when downloading your private key to make sure it works with PuTTy. If you wish to connect without downloading a SSH program, you can do the following.

  1. Navigate to the SSH/Shell Access section.
  2. Click on Connect using SSHTerm (requires java). (You’ll need to make sure that Java is enabled on your web browser)
  3. Click on ‘ok’ if you are asked to trust a SSL certificate. Enter the username and password you use to access your cPanel account.
  4. Click on File -> New Connection
  5. Enter the name of your site as the Host to Connect to
  6. Click on Advanced
  7. Enter the port your webhost gave you to connect to SSH as the Port
  8. Enter your cPanel account username as the Username
  9. Click on publickey as the Authentication Method
  10. Click on Connect
  11. Select your private key file when the window comes up to select a file and click on Open.
  12. Enter the key password when prompted.
  13. Click ‘OK’ if you get a message about X11 forwarding
  14. You should now be connected to the shell.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

No access to website, email, ftp, ssh

If you can't access your website, email ftp, ssh or any other service then it may be a number of...

~username access

Previously we supported accessing your website by using /~username/ on the end of either the...

PCI DSS Compliance

PCI DSS Compliance is a set of regulations to ensure security of online transactions with credit...

Certificates for cPanel and Webmail

If you log in to your cPanel or webmail by visiting yourdomain.com/cpanel or...

Checking your website for hidden malware

Often, the first time you know about malware hosted on your website, it's already banned by...