SSH is a nifty tool which lets web developers, admins, and others do a ton of things on their servers. SSH key authentication is a technique for making SSH even more secure.
You might want to set up key authentication for at least two reasons. First, this allows a site owner to grant SSH access to someone else without granting them cPanel access. Used in combination with something like JailShell, a site owner can allow a user to perform only a few isolated functions. Secondly, an SSH encrypted key is many times harder to hack than a regular password. You can even set up SSH key authenticated log in and proceed to disable regular log in!
To log in with SSH key authentication:
- Log in to cPanel and navigate to “SSH Access” under the “Security” section of the home screen. Click “manage keys” then “generate a new key.”
- Name the key and enter a password, making note of both. Return to the manage keys area. Click “manage” next to the public key and authorize that key. Return to the manage keys area.
- Click “view/download” next to the matching key in the private keys area. It will match the public key you just authorized because they will share the same name. On the view/download page enter the passphrase, which is the same as the password. This will convert the key from an encrypted key into a key which is useable by PuTTY. When the unencrypted key is revealed, download it and save it to a place on your hard drive.
- Open PuTTY. Expand the connection area in the explorer tab on the left. Expand the SSH tab it reveals. Do not expand, but actually click on, the auth tab which is now revealed. Find the field which says, “Private key file for authentication.” Click the browse button and select the private key file which you downloaded in step 3.
- Return to the session area in the explorer tab. Enter the appropriate IP address or host name. Type something into the saved sessions area and click save. Now the configuration is ready to go! You will not need to repeat any of these steps the next time you log in via SSH if everything has been properly executed.
- Finally, attempt to log in by clicking the open button in the session area. Use the regular cPanel username. Now PuTTY will detect the SSH key and ask for the SSH key passphrase instead of the regular cPanel password. Give it the passphrase. You are now logged in with key authentication!