How To Manage SSH Keys For Your Project

This guide shows you how to control access to Linux instances by creating SSH keys.

An SSH key consists of the following files:

  • a public SSH key file that is applied to instance-level metadata or project-wide metadata.
  • a private SSH key file that the user stores on their local devices.

If you do not have an existing private SSH key file and a matching public SSH key file that you can use, generate a new SSH key. If you want to use an existing SSH key, locate the public SSH key file.

The fastest way to copy your public key after generating it is by using pbcopy adding this to .bash_profile:

alias pb='pbcopy < ~/.ssh/id_rsa.pub'

then use "pb" to copy it into your clipboard.

If you need to add users to a Linux instance, prepare their public SSH keys with the following processes or use the SSH tools above for easier management and control:

  •  

Edit public SSH key metadata to add or remove users from a Linux instance.

  •  

Connect to your Linux instance through a third-party tool to ensure that each public SSH key is added or removed correctly. A user can only connect to an instance if their public SSH key is available to the instance if they have the matching private SSH key.

For better SSH key management, use tools such as:

Creating a new SSH key (Linux & Mac)

If you do not have an existing private SSH key file and a matching public SSH key file that you can use, generate a new SSH key. If you want to use an existing SSH key, locate the public SSH key file.

Linux and macOS

On Linux or macOS workstations, you can generate a key with the ssh-keygen tool.

  1. Open a terminal on your workstation and use the ssh-keygen command to generate a new key. Specify the -C flag to add a comment with your username.

    ssh-keygen -t rsa -f ~/.ssh/[KEY_FILENAME] -C [USERNAME]

    where:

    • [KEY_FILENAME] is the name that you want to use for your SSH key files. For example, a filename of my-ssh-key generates a private key file named my-ssh-key and a public key file named my-ssh-key.pub.
    • [USERNAME] is the user for whom you will apply this SSH key.

    This command generates a private SSH key file and a matching public SSH key with the following structure:

     

    ssh-rsa [KEY_VALUE] [USERNAME]
    

     

    where:

    • [KEY_VALUE] is the key value that you generated.
    • [USERNAME] is the user that this key applies to.
  2. Restrict access to your private key so that only you can read it and nobody can write to it.

    chmod 400 ~/.ssh/[KEY_FILENAME]
    

    where [KEY_FILENAME] is the name that you used for your SSH key files.

Repeat this process for every user for who needs a new key. Then, locate the public SSH keys that you made as well as any existing public SSH keys that you want to add to a project or instance.

 

Creating a new SSH key (Windows)

Windows does not have a built-in tool for generating SSH keys, so you must use a third-party tool to generate SSH keys if you are on a Windows workstation. Here, we describe how to generate SSH keys with the PuTTYgen tool.

  1. Download puttygen.exe.

  2. Run PuTTYgen. For this example, simply run the puttygen.exe file that you downloaded. A window opens where you can configure your key-generation settings.

  3. Click Generate and follow the on-screen instructions to generate a new key. For most cases, the default parameters are fine, but you must generate keys with at least 2048 bits. When you are done generating the key, the tool displays your public key value.

  4. In the Key comment section, replace the existing text with the username of the user for whom you will apply the key.

  5. Optionally, you can enter a Key passphrase to protect your key.

  6. Click Save private key to write your private key to a file with a .ppk extension.

  7. Click Save public key to write your public key to a file for later use. Keep the PuTTYgen window open for now.

    The correctly formatted public key is available at the top of the PuTTYgen screen:

    Screenshot of PuTTYgen public key

    This public key has the following structure:

     

    ssh-rsa [KEY_VALUE] [USERNAME]
    

     

    where:

    • [KEY_VALUE] is the key value that you generated.
    • [USERNAME] is the user that this key applies to.

Repeat this process for every user that you need to create a key for. Then, if you have other public SSH keys for users that you want to add to a project or instance, you should locate their public SSH keys now. Otherwise, format the public SSH keys that you created.

 

Locating an SSH key.

There are multiple reasons why you might need to locate an SSH key. For example, if you want to add a user's public SSH key to a project or instance, you will need access to the public key file for their key. Alternatively, you might need to locate your private SSH key file in order to connect to a Linux instance.

When an SSH key is created, it is saved to a default location. The default locations and names of your public and private SSH key files depends on the tools that were used to create that key.

Linux and macOS

If you created a key on a Linux or macOS workstation by using the ssh-keygen tool, your key was saved to the following locations:

  • Public key file: ~/.ssh/[KEY_FILENAME].pub
  • Private key file: ~/.ssh/[KEY_FILENAME]

where [KEY_FILENAME] is the filename of the SSH key, which was set when the key was created.

If you need to add or remove the public SSH key from project, format the public SSH key file.

 

Locating an SSH key in your Windows machine.

If you created a key on a Windows workstation by using the PuTTYgen tool, your public key file and private key file were saved to the locations that you designated in the following formats:

  • Public key: [PUBLIC_KEY_FILENAME]
  • Private key: [PRIVATE_KEY_FILENAME].ppk

where [PUBLIC_KEY_FILENAME] and [PRIVATE_KEY_FILENAME] are the filenames of public and private SSH keys, which were set when the key was first saved.

A default, public SSH key made with PuTTYgen should have the following format:

 

ssh-rsa [KEY_VALUE] [USERNAME]

 

where:

  • [KEY_VALUE] is the public SSH key value.
  • [USERNAME] is the user on the instance for whom you applied the key.

To view your PuTTYgen public SSH key with the correct formatting:

  1. Run PuTTYgen. If you do not have PuTTYgen, download and run puttygen.exe.

  2. Click Load to select and open your public SSH key file.

  3. After the public key file loads, the properly formatted public SSH key value is available at the top of the PuTTYgen screen:

    Screenshot of PuTTYgen public key

If you need to add or remove the public SSH key from a project, format the public SSH key file.

  • SSH
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to Fix Quotas In cPanel/WHM

Servers that use the XFS® filesystem and run CentOS 7, CloudLinux™ 7, or Red Hat® Enterprise...

How To Create A "Sudo" User In Ubuntu And/Or Debian-based System

First, what is a sudo user or a sudoer? When a normal Linux user is move to that special group...

Accessing the Command Line As A cPanel/WHM Root User

It is true that cPanel & WHM automates many of the server administration tasks that you may...

cPanel/WHM Guide to Git For System Administrators

First of all, it is very important to note that the Git Version Control feature includes several...

How To Convert An Add-on To Full cPanel Account

As a cPanel system administrator with root access to WHM, there are times that your users will...