SSH authentication using public keys

To SSH or SFTP into your server using SSH public key authentication, add the key to the system user’s list of authorized keys by doing one of the following:

• add the SSH key through ServerPilot, or
• SSH into the server and add the key to the user’s ~/.ssh/authorized_keys file.

Note

ServerPilot only manages SSH keys for system users created through ServerPilot.

SSH public and private keys

An SSH key consists of a public key and a private key, known as a key pair.

• The public key is not sensitive. It is safe to share a public key with other people. For example, if you are asked to share your SSH key with someone so they can grant you access to a server, only share your public key.
• The private key is sensitive. Do not share your private key.

Generate an SSH key pair

To generate an SSH key pair, run the following command on your local computer.

ssh-keygen

You’ll be prompted to choose the location to store the keys. When prompted for the location to store the key, press Enter to choose the default location.

Next, you’ll be asked to choose a password. You will need to know this password when you SSH into a server using this key. The password is not sent to the server and is not related to SSH password authentication.

Note

If you are generating an SSH key for use with automated code deployments, do not set a password. Instead, press Enter when prompted to choose a password.

Two separate keys will be generated: a public key and a private key. For example, you will see output like the following when your SSH key pair is generated.

Your identification has been saved in ~/.ssh/id_rsa.
Your public key has been saved in ~/.ssh/id_rsa.pub.

You may also be shown a fingerprint of your key. You do not need to save this information.

View your public key

To see your public key, run the following command on your local computer.

cat ~/.ssh/id_rsa.pub