Skip to main content

Create and host an SSH key on a dedicated server

SSH keys can be used to securely connect to a server using the encrypted SSH protocol. It is a pair of keys: the private key is stored on the local computer and the public key is placed on the server.

For authorization on a dedicated Linux server, we recommend using SSH keys instead of login and password.

SSH keys of types ed25 519, rsa, ecdsa and dsa can be used.

  1. Create an SSH key pair.

  2. Optional: add a public SSH key to the SSH key repository.

  3. Place a public SSH key on the server:

1. Create SSH keys

  1. Open the CLI.

  2. Generate a pair of SSH keys:

    ssh-keygen -t <key_type>

    Specify <key_type> — SSH key type: ed25519, rsa, ecdsa, or dsa.

  3. A message will appear asking you to select a directory to store the key pair — example for rsa key:

    Enter file in which to save the key (~/.ssh/id_rsa):

    To leave the default directory for storing keys, press Enter. If you want to select a different directory, enter it in the format /path/to/id_rsa and press Enter.

  4. Optional: enter a passphrase for additional protection, repeat it, and press Enter. The passphrase will not be displayed on the command line:

    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:

  5. Wait for the message that the keys have been generated. Two files will be created: id_rsa (private key) and id_rsa.pub (public key). The terminal will display the key fingerprint and its image:

    Your identification has been saved in ~/.ssh/id_rsa
    Your public key has been saved in ~/.ssh/id_rsa.pub
    The key fingerprint is:
    The key's randomart image is:

  6. Output the public SSH key:

    cat <path>

    Specify <path> is the full path to the public key you specified in step 3, for example ~/.ssh/id_rsa.pub.

2. Optional: add a public SSH key to the SSH key repository

A public SSH key can be added to the storage for SSH keys and placed on the server automatically when ordering a new server or when reinstalling the OS for an existing server.

  1. In the Control Panel, on the top menu, click Products and select Dedicated Servers.
  2. Go to the SSH keys section.
  3. Click Add SSH Key.
  4. Enter the name of the key.
  5. Insert a public SSH key.
  6. Click Add.

3. Place the SSH key on a dedicated server

Placing a public SSH key is possible:

Place SSH key on a dedicated server with OS reinstallation

  1. In the Control Panel, on the top menu, click Products and select Dedicated Servers.

  2. In the Servers section, open the Server List tab.

  3. Open the server page → Operating System tab.

  4. Click Change OS Configuration.

  5. In the SSH key field, add an SSH key:

    • check the checkbox with the desired SSH key that you added to the SSH key repository;
    • or click Add New Key. Enter a key name and paste the public SSH key you created earlier. Click Add. The key is added to the SSH key repository.

  6. Click Install.

Place SSH key on a dedicated server without reinstalling the OS

Without reinstalling the OS, the public SSH key can only be placed on the server by copying the key from the local computer. The ssh-copy-id command adds the public SSH key to the end of the ~/.ssh/authorized_keys file . The command creates the directory and file if they are not already created.

  1. Open the CLI on the local computer.

  2. Copy the public SSH key to the server:

    ssh-copy-id -i <path> <username>@<ip_address>

    Specify:

    • <path> — the full path to the public key on the local computer, e.g. ~/.ssh/id_rsa.pub;
    • <username> — username;
    • <ip_address> — public IP address of the server.

  3. Enter the user's password.