Introducing SSH Public Key Management

June 17, 2020

We're excited to announce SSH public key management through ServerPilot. Once you've added your SSH key to a system user, you'll be able to SSH and SFTP into your server using public key authentication.

If you prefer to manually manage your SSH keys, ServerPilot's SSH key management works perfectly alongside manual SSH key management.

You can, of course, still use password authentication. As long as you use strong passwords, your server will continue to be secure from brute force login attempts.

See our article to get started adding your SSH keys.

What Are SSH Keys?

Before talking about SSH keys, let's first talk about authentication.

Authentication is proving who you are. In the field of computer security, there are three ways to prove who you are:

  1. Something you know — Things you can remember such as a password.
  2. Something you have — Things in your possession, for example a time-based code generator on your phone for two-factor authentication.
  3. Something you are — Biometrics such as fingerprints.

An SSH key is something you have. The cryptographic principles of SSH keys are the same as with SSL/TLS keys. The keys consist of two mathematically related parts: a public key and a private key. The public key can be shared with anyone. The private key must be kept secret.

This concept of a public and private key pair that can be used for both encryption and authentication is known as public-key cryptography.

How Keys Are Used for SSH Authentication

A key pair has a special property: the owner of a private key can prove (mathematically) that they are in possession of the private key that goes with a specific public key.

What this means: if a system user on your server is configured with your public key, you can log in using your private key. SSH verifies that you hold the matching private key and then logs you in just as if you had entered a password.

ServerPilot Simplifies SSH Key Management

SSH public-key authentication is a powerful way to improve security, but managing keys across many system users and servers is complicated and error-prone.

ServerPilot makes it easy for you to add and remove keys from system users without risk of locking yourself out due to SSH misconfiguration. Additionally, you can easily see which keys have been added to a system user and, for any given key, which system users have that key enabled.
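For keys you manage by hand, the same two views (which keys a system user has, and which system users share a given key) can be built from the users' authorized_keys files. The following is an added example, not ServerPilot's code; the user names, file contents and keys are constructed for illustration, and `sample_key` is a hypothetical helper that only produces stand-in keys.

```python
import base64
import hashlib
import struct
from collections import defaultdict

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form `ssh-keygen -l` prints it."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def parse_line(line: str):
    """Return (key_type, blob, comment) for a key line, else None."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        # Options may come first; a real key blob starts with its own type name.
        if blob[4:4 + int.from_bytes(blob[:4], "big")] == fields[i].encode():
            return fields[i], blob, " ".join(fields[i + 2:])
    return None

def inventory(files: dict):
    """Return (user -> [(fingerprint, type, comment)], fingerprint -> {users})."""
    by_user, by_key = defaultdict(list), defaultdict(set)
    for user, text in files.items():
        for line in text.splitlines():
            parsed = parse_line(line)
            if parsed:
                ktype, blob, comment = parsed
                fp = fingerprint(blob)
                by_user[user].append((fp, ktype, comment))
                by_key[fp].add(user)
    return by_user, by_key

def sample_key(seed: bytes) -> str:
    """Constructed stand-in (not a real key) in ssh-ed25519 wire format."""
    blob = struct.pack(">I11sI", 11, b"ssh-ed25519", 32) + hashlib.sha256(seed).digest()
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

ALICE, BOB = sample_key(b"alice"), sample_key(b"bob")
SAMPLE = {  # constructed authorized_keys contents for two hypothetical system users
    "appuser1": f"# team keys\n{ALICE} alice@laptop\n{BOB} bob@desktop\n",
    "appuser2": f'no-pty,command="/usr/bin/true" {ALICE} alice@laptop\nnot a key line\n',
}

if __name__ == "__main__":
    print({fp: sorted(users) for fp, users in inventory(SAMPLE)[1].items()})
```

The fingerprints have the same form as those printed by `ssh-keygen -lf`, so each entry can be matched against the key its owner holds.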

Get Started Using SSH Keys

To get started, see how to use SSH key management in ServerPilot.