Users can securely access a remote computer over an insecure network with the help of the SSH (Secure Shell) protocol. Let's review how to add an SSH key to your server in the context of your Nexcess Cloud hosting account.
SSH supports password-based authentication, but you are typically advised to use SSH keys instead. Because they are highly resistant to common brute-force password hacking attacks, SSH keys are a more secure way to access an SSH server.
A very helpful overview of how to best manage your Nexcess Cloud account in found in the Nexcess hosting and Nexcess Client Portal guide. This article explains how to add an SSH key to the server for your Nexcess Cloud account and set up your SSH key at Nexcess.
Overview of the "add SSH key to server process" at Nexcess
You can add an SSH key to the server through the Nexcess Client Portal. To be clear, you should already have the following prerequisite steps covered:
- SSH should be enabled on your destination server.
- Public and private SSH keys should have been generated (using the command ssh-keygen -t rsa).
- The server requires that you have a user account and password. The root account will also work.
- You should be aware of the destination server's IP address.
Add an SSH key to the server at Nexcess hosting via your Nexcess Cloud account
Follow the steps below to add SSH keys to your Nexcess Cloud account.
Step 1: Log in to the Nexcess Client Portal and start the "add SSH key to server process"
Log in to your Nexcess Client Portal. Then, choose the SSH Keys menu entry from the dropdown menu next to your name:
Step 2: Choose the Add SSH Key option
Click the Add SSH Key button in the upper right corner:
Step 3: Add an SSH key using the Name and Key fields
Click the Add button after filling out the Name and Key fields:
Step 4: Confirm everything works as expected
4. If successful, your Nexcess Cloud service will start using your SSH key immediately.
SSH key setup at Nexcess
SSH keys can be used to log a user into an SSH server without requiring a password. Every "key" is actually a key paired with a private and public key. Due to their greater complexity, keys are much more secure than passwords. SSH keys are frequently 2048 bits or longer, whereas an eight-character password is only 72 bits long. It takes much longer to use a brute force attack to break this longer string because there are many more possible permutations.
A pair of SSH key files including a private key along with a public key must be created as part of the procedure. The server will only be aware of the public key; the user's computer is the only one with access to the private key. Only people who possess both private and public keys can access the server because neither key is useful without the other. The server never knows your private key.
Keep the private key safe at all costs. Users are prevented from accessing the server until a new key pair is generated by an administrator because a lost private key cannot be replicated. Get help from our Support Team if you can no longer access your server because of a lost key.
You can use the steps listed below to create and save SSH key files as well as transfer the public key file to the destination server.
Step 1: Create and save the SSH key files
1a. The ssh-keygen command can be used to create a new SSH key:
test@demo:~$ ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. Enter file in which to save the key (/home/test/.ssh/id_rsa): Created directory '/home/test/.ssh'. Enter passphrase (empty for no passphrase):
1b. The keys are saved depending on whether a different file was specified, or the default location was used. Pick one:
- If you do want a passphrase, enter it right away. Then, once more, when prompted, enter the passphrase.
- If you don't want a passphrase, press Enter twice in a row without typing one.
1c. Next you should see the SSH key's fingerprint of identification. This picture was created automatically:
Step 2: Add the public key file to the destination server
2a. Log in to your Nexcess Client Portal if you want to use the Nexcess Cloud to add an SSH key to the server. If you cannot locate your login information, click Forgot Password? on the login page or get in touch with our live customer service team.
Warning — the following steps 2b and 2c will not work for Nexcess Cloud clients:
2b (non-Nexcess Cloud clients). You can add an SSH key to the server by copying your public SSH key to the server's authorized keys file in order to use the public-key authentication method. The user you are connecting with has the authorized keys file in their home directory at /home/username>/.ssh. You can access the server using the public-key authentication method and passwordless SSH login by copying your public key to the file.
2c (non-Nexcess Cloud clients). Use of the ssh-copy-id command is the simplest method to add an SSH key to the server if you are not a Nexcess Cloud client. Run ssh-copy-id with the same arguments as the ssh command to connect to the server:
Step 3: Test the connection
3a. Enter the following command:
3b. To accept the key fingerprint, choose Yes.
3c. Try to access the server by logging in. You can log in successfully if the SSH key authentication process is running smoothly.
3d. When prompted, enter the passphrase you made in Step 1: Create and save the SSH key files section above.
Summary of the "add SSH key to server" process at Nexcess
Users with the private key associated with the public key on the server are the only ones who can successfully authenticate using SSH Keys. If a hacker obtains the server's public key, they will be unable to access it without the corresponding private key.
We’ve optimized hosting for the industry’s leading commerce and content platforms. That means speed, security, scalability and support are built-in. Backed by free migrations and 30-day money-back guarantee, let us show you why we’re the best.
If you encounter any difficulties or require our assistance in adding an SSH key to the server after purchasing a suitable Nexcess hosting plan, don't hesitate to contact our team at any time. We will assist you with setting up and adding an SSH key to the server.
Note about the original publication date
This article was originally published in September 2019. It has since been updated for accuracy and comprehensiveness.