Categories
OS X

Create SSH Keys in cPanel or OS X

SSH stands for “secure shell” and is a secure way to log in from a Mac to your web host’s server. You can create keys in your terminal or in a web host control panel like cPanel.

Creating SSH Keys in MacOS

To begin the process you will need to generate keys. If you are using cPanel you will need to use the account’s cPanel username and web address for the keys to work correctly.

ssh-keygen -t rsa -C "cpanel-username@111.22.33.444"

You will then be prompted to create a passphrase. These are unlike passwords in that they can have spaces. Feel free to use lyrics, mottos, poems, or quotes.

The key generated is located in the user’s .ssh folder your Mac. You can navigate to that folder in Terminal with this command:

ls/Users/Doug/.ssh/

Then, add yourself to the keys:

ssh-add/Users/Doug/.ssh/id_rsa

Finally make sure the RSA key has read / write capabilities. You can do this by using the change mode (chmod) command in Mac OS X to change the key’s Unix values to 600. See Unix Permssions Calculator

chmod 600 ~/.ssh/id_rsa

Finally, you will import the RSA key to cPanel. This is found on your cPanel dashboard under Security > SSH Access > Manage Keys > Import Key.

From here you will give your key an ID (id_doug), paste the private key (id_rsa), the public key (id_rsa.pub), and enter your passphrase.

Next, in cPanel you will need to authorize the keys in Security > SSH Access > Manage Keys.

Now you can log in from a terminal using your SSH keys. Typically we access port 22. If you are using cPanel you will have to use your account’s username to log in. The IP address of your server will serve as the web address:

ssh -p 22 cpanel-username@111.22.33.444

You will then be prompted to enter your passphrase. You will not see visual confirmation that you are typing your passphrase in, but it is.

Creating SSH Keys in cPanel

This is the easier method of the two, and is done by using the interface to create keys and then download them to your local computer.

SSH Access is located under Security in cPanel

First locate the SSH Access app in cPanel.

Open SSH Access to Manage SSH Keys. From here you will generate a new key.

From here you will be prompted to generate either an RSA or DSA key. RSA is the stronger algorithm. DSA is actually not recommended for use anymore by SSH.com

How to use ssh-keygen to Generate a New SSH-Key on SSH.Com

In cPanel they ask you to generate a password. This is actually the passphrase. I would recommend putting in a passphrase (i.e., a sentence), rather than a password.

RSA stands for the Rivest-Shamir-Adleman public-key algorithm (RSA) is the most widely used asymmetric cipher. RSA can be used for both encryption and digital signatures. 

Once the key is generated you can then download both the private and public keys to your local computer.

However, before it will work you need to authorize the public key. To do so click on the manage link next to the public key, and then authorize it.

After downloading the keys you still have to place them in your SSH keys folder which by default is hidden on Mac OS. The article below will show you how to show hidden files.

See Related Article: Hiding Folders in Mac OS on DougState.com

Then from your terminal you may need to use the change mode (chmod) command in Mac OS X to change the key’s Unix values to 600. See Unix Permssions Calculator

chmod 600 ~/.ssh/id_rsa

Then you will login to port 22 using your cPanel username and IP address:

ssh -p 22 cpanel-username@111.22.33.444

Leave a Reply