An SSH key pair consists of a private key, which is a text file that stays on your computer, and a public key, which is an accompanying text file that can be installed on a server. This key pair can be used as an alternative to passwords when connecting via SSH or SFTP. SSH keys allow you to log in to a server without having to type a password and are generally preferred over passwords for security reasons (they are not guessable, and it's more difficult to unintentionally share them).
Generating a Public and Private Key Pair
On macOS and Linux, we can use the ssh-keygen command to get started. On Windows you can follow these directions if you first set up OpenSSH for Windows or install Linux via WSL. There are other ways to generate public and private keys using programs like PuTTY on Windows, but that is out of scope for this guide.
In a terminal, enter:
Then, hit the enter key. The command will ask for a filename which you can leave empty if this is your first ssh key pair you're generating on your computer. It will also ask for a password which you can also leave empty.
After the key pair has been generated, we can use ls in the .ssh directory to see both the public and private keys.
cd ~/.ssh ls
You should be able to see an id_rsa and id_rsa.pub file. The id_rsa file is your private key and should never be copied to a server or shared with anyone and id_rsa.pub is your public key that can be installed on a server.
Installing your public key on a server with ssh-copy-id
A quick way to install a public key on a server is to use the ssh-copy-id command. In this example, we’ll use it to add a key to a cPanel account, so you'll need to know your cPanel username and password. If you are looking for more info on connecting to a cPanel account via SSH, check out our Connecting via SSH article.
The ssh-copy-id command works similarly to the ssh command:
You will be prompted if you would like to continue connecting, so type "yes" and hit enter. Then, you will be asked to enter your password for the server.
Once that process is complete, try logging in via ssh:
If you log in to the server and are not prompted for a password, the key has been installed!
Viewing and copying your public key
If you happen to be installing a public key on a server manually, need to use it with Reclaim Cloud’s SSH Gate, or need to share it with us at Reclaim, you may need to copy the key to your clipboard. To do this, from a terminal run the following command:
This will output the key to your terminal, you can then select the text starting with “ssh-rsa” and ending with your computer’s name, and copy that text to your clipboard.
Adding your public key to your Reclaim Cloud account
Reclaim Cloud has an SSH/SFTP Gate which is a huge time saver because it allows you to access every node in your account even if they do not have a public IP or SSH and user accounts configured. To use this feature you must add your public key to your Reclaim Cloud account.
First follow the directions in the Viewing and copying your public key section so you have the key copied to your clipboard.
Next, log in to your Reclaim Cloud Dashboard at app.my.reclaim.cloud and click the Settings button at the top right.
Next, click SSH Keys and Add Public Key.
You can give the key a name, then paste your public key in the Key field.
Then click the Add button!
Once the key has been added we can test it out by connecting to the SSH Gate. Go to the SSH Connection tab, then copy the command under the SSH Gate section.
Paste that command into your terminal and hit enter to connect to the SSH Gate! The first time you use the SSH Gate, you will need to type “yes” to confirm the connection. If you are able to connect and the Jelastic Shell shows you a list of the environments in your account, you have successfully added your public key to your account! You can find out more about the SSH Gate in our Using the SSH Gate guide.