This guide will walk through generating a SSH key pair so you can use SFTP/SSH with key-based authentication
Using key-based authentication (in exchange for password authentication) is a excellent choice as it enables you to login to your web hosting server without a password, offering further flexibility while improving the security of your service.
A SSH key pair consists of two files, for example:
- id_rsa – This is your private key and should never be shared with another person and will remain stored securely on your device.
- id_rsa.pub – This is your public key and can be uploaded to respective web hosting servers to configure access, it is safe to share this key with trusted parties.
A SSH key contains a combination of thousands of random characters which makes them impossible to be cracked (unlike passwords which can be easily cracked depending on the password strength).
To begin, generate a SSH key pair for your computer operating system (MacOS or Windows) using the steps below and then proceed to configure your SSH key in cPanel.
How to generate a SSH key pair using MacOS
To generate your SSH key pair, we’ll be using Terminal which is a MacOS application.
- Navigate to the Finder app, select Applications from the Favourites on the left hand side and locate Terminal in the application list, open Terminal
- Copy and paste the following command into your Terminal window and press enter:ssh-keygen -t rsaYou will be asked which file you want to save the key, press enter to continue with a default installation
- You may want to enter a passphrase which can be used to unlock your ssh key pair when you need to use it. If you don’t wish to use a passphrase, just leave the passphrase boxes empty.
- Your key pair has now been created and you will be presented with an output alike to below:Your identification has been saved in /home/username/.ssh/id_rsa. Your public key has been saved in /home/username/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Z9mrmEy+eBel33uek+hus6D4oKXcBkdnZsApUaaldEg username@Users-Macbook The key’s randomart image is: +—[RSA 2048]—-+ | .E==. | | .o*+ | | o. . | | . = o. | | . S +o | | . . oo . | | oo. +… | | . =*+oo.o+.oo| | +o+B=. +++=o| +—-[SHA256]—–+
- Now we will store a copy of your public key for later reference, you can view your public key by copying the file location which is displayed in the above output, in this case the public key location is /home/username/.ssh/id_rsa.pub. Update the below command with the location of your public key and enter the command into Terminal:cat /home/username/.ssh/id_rsa.pubThe command will display your public key, username@Users-Macbook Copy your public key and store it for later reference, for example paste the key into TextEdit or Notes on your Macbook.
- Well done! You’ve generated your SSH key pair. The final step is configuring your key in cPanel, please skip to the section Configure your SSH key in cPanel below.
How to generate a SSH key pair using Windows
To generate your SSH key pair, we’ll be using PuTTY which is a Windows application.
- Download and install Putty using the link above.
- To generate a SSH key pair, you’ll need to run PuTTYGen, which is included with PuTTY. Go to Start -> All Programs -> PuTTY -> PuTTYgen, or type PuTTYgen in the search box.
- Click Generate.
- Follow the instructions to move your mouse over the blank area to generate some randomness that is used to create your private key.
- Once the progress bar is complete, your public key will be shown in the box. Save the public key for later use by copying and pasting into Notepad, and then saving it in a convenient place, e.g. on your Desktop.
- You may want to enter a passphrase which can be used to unlock your ssh key pair when you need to use it. If you don’t wish to use a passphrase, just leave the passphrase boxes empty.
- Click Save Private Key.
- If you’re not using a passphrase, click Yes to the warning that pops up.
- Choose a location to save your private key.
- Enter a file name for your private key. e.g. your username, or your cPanel account username.
- Click Save.
- Click Save Public Key.
- Choose a location to save your public key.
- Choose a file name for your public key – this time you need to add an extension – e.g.
my-public-key.pub
- Click Save.
- Well done! You have generated your SSH key pair. The final step is configuring your key in cPanel, continue to the Configure your SSH key in cPanel using the instructions below.
Configure your SSH key in cPanel:
- Login to cPanel. If you have forgotten your cPanel credentials, they were included in the original Welcome to mxNAP or IMPORTANT: Hosting Documentation email which you should be able to find in your inbox otherwise follow these instructions on how to update your cPanel password.
- Use the find bar to search for the SSH Access function.
- In the SSH Access function, select Manage SSH Keys
- Select Import Key
- In the Import SSH Key form, add a name for your key and then paste your public SSH key in the section labelled Paste the public key into the following text box, then select Import
- On the following page, select Back to Manage Keys
- Our final task is authorizing your imported SSH key. To complete this, select Manage to the right of your imported key, then select Authorize.
Well done! You can now login via SSH using key based authentication.