Archives

Generate private and public key in cPanel for SSH access

The common way to connect to the server via SSH is to use a username and a password. But to increase security, you can use a pair of keys(a private one and a public one) to connect to the server.

The public key will be on the server. The private key will be on your computer. When you are trying to connect, the server compares the two keys. If they are the right ones, you will be able to access it.

We will show in this post how to generate the pair of keys and connect to your server with PuTTY.

To generate and use public and private keys in cPanel:

1.Log in to cPanel
2.Scroll down to the SECURITY section -> SSH Access

3.Click the Manage SSH Keys button

4.Click the +Generate a New Key button

5.You are now on a page with a title Generating a Public Key. Here, choose:
-Key Name – you can leave the default value
-Key Password – enter the password for the key and confirm it
-Key Type (RSA or DSA) – let the default value
-Key Size (2048 or 4096) – let the default value

cPanel mentions:

RSA vs DSA: RSA and DSA are encryption algorithms used to encrypt your key. DSA is faster for Key Generation and Signing and RSA is faster for Verification.

6.Click the Generate Key button. You will see a confirmation message: Key Generation Complete! with some details:

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
b7:9a:55:59:c1:a7:6a:31:5c:9a:40:50:e9:73:24:a0

7.Click the Go Back link
8.Now you need to authorize the public key. (the Authorization Status is not authorized). Click the Manage link.

9.You will see a message The key with the name “id_rsa” is currently “not authorized” for use when connecting to this account.  Click the Authorize button. The success message is: The key “id_rsa.pub” has been authorized.

10.Click the Go Back link
11.Go to the Private Keys sections and click the View/Download link.

12.Here we will Convert the “id_rsa” key to PPK format. Enter the passphrase and click the Convert button.

13.You will see the key to be used in PuTTY. Click the Download key button and save the file to your computer (the filename is id_rsa.ppk) 

14.Now start PuTTY on your computer and go to Connection->SSH->Auth. Here, browse and select the file you saved at 13. (Private key file for authentication)

15. Click the Open button. PuTTY will connect to the server. Enter the Passphrase when asked.

16.You are now connected to the server 🙂

 
One of the most used SSH programs is PuTTY. Download it from chiark.greenend.org.uk/~sgtatham/putty/
Share this post:

Change the default SSH server port number

The Secure Shell (SSH) Protocol is using by default port 22. As a virtual/dedicated server administrator, it’s always a good idea to change this. Changing the port to another number will stop many attacks – as attack tools will try to connect to port 22.

The commands we use are tested on a CentOS distribution with cPanel installed.
If you are using a firewall on your server, whitelist the new port number. After finishing the port change, block the old port number.

To change the SSH port: 

  1. Log in to your server as root.
  2. Open the /etc/ssh/sshd_config file in a text editor (like vi, nano etc.).
    vi /etc/ssh/sshd_config
  3. Look for the line
    Port 22
  4. Change the 22 value to 3700 for example. You can use a port from the User Ports Interval (1024-49151), as assigned by the Internet Assigned Numbers Authority (IANA).
  5. Save the file, exit the editor and restart the SSH server.
    service sshd restart
  6. Open a new terminal window (or using PuTTY) and try to connect to the new assigned port:
    ssh username@yourserver.com 3700

Port numbers are assigned in various ways, based on three ranges: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535); the difference uses of these ranges is described in [RFC6335].

Related KB article: How to install nano editor with yum

Share this post:

How to copy and paste in Putty

If you are using SSH, there is a big chance that you are using PuTTY. Sometimes, PuTTY users have difficulties to copy/paste shell commands. So, we will explain how to copy/paste text.

 

PuTTY Configuration Window
PuTTY Configuration Window
Secure Shell (SSH) is a network protocol that allows you to login and communicate with a remote computer system in a secured way. You can read more on the Wikipedia page.

Copy text to the clipboard
1. Click left mouse button in the terminal window
2. Keep the left mouse button down and drag the text you want to copy
3. Let go the left button. The text will be automatically copied to the clipboard.

If you are using PuTTY under Windows OS, do not try to use the CTRL-C command to copy text as it will not work. In most cases this command will interrupt a process.

Paste text from the clipboard
1. Here there is just one step: click the right mouse button. The text from the clipboard will be pasted into the PuTTY terminal window.

Useful PuTTY Shortcuts
Shift-Insert – will paste the clipboard content to the PuTTY terminal window
CTRL+Right mouse button and then select Paste option from the menu – will also paste the text from the clipboard
Left mouse button double-click/ double click and drag – a whole word or a sequence of whole words will be copied
Left mouse button triple-click/ triple-click and drag – PuTTY will copy a whole line or sequence of lines.

More information about the copy/paste options can be found on Section 3.1.1 Copying and pasting text of the Help File.
Share this post: