Skip to main content

Create and place an SSH key on a dedicated server

Last update:

SSH keys can be used for secure connection to a server over the encrypted SSH protocol. This is a key pair: the private key is stored on the local computer, and the public key is placed on the server.

For authorization on a dedicated Linux server, we recommend using SSH keys instead of a login and password.

You can use SSH keys of the following types: ed25519, rsa, ecdsa, and dsa.

  1. Create an SSH key pair.

  2. Optional: add a public SSH key to the SSH key repository.

  3. Place a public SSH key on the server:

1. Create SSH keys

  1. Open the CLI.

  2. Generate an SSH key pair:

    ssh-keygen -t <key_type>

    Specify <key_type> — the SSH key type: ed25519, rsa, ecdsa, or dsa.

  3. A message about choosing a directory to store the key pair will appear — an example for an rsa key:

    Enter file in which to save the key (~/.ssh/id_rsa):

    To keep the default directory for storing keys, press Enter. If you want to choose a different directory, specify the full path to it, for example /home/user/id_rsa, and press Enter.

  4. Optional: enter a passphrase for additional protection, repeat it, and press Enter. The passphrase will not be displayed in the command line:

    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:

  5. Wait for the message indicating that the keys have been generated. Two files will be created: id_rsa (private key) and id_rsa.pub (public key). The key fingerprint and its image will appear in the terminal:

    Your identification has been saved in ~/.ssh/id_rsa
    Your public key has been saved in ~/.ssh/id_rsa.pub
    The key fingerprint is:
    The key's randomart image is:

  6. Display the public SSH key:

    cat <path>

    Specify <path> — the full path to the public key you specified in step 3, for example ~/.ssh/id_rsa.pub.

2. Optional: add a public SSH key to the SSH key repository

A public SSH key can be added to the SSH key repository and placed on the server automatically when ordering a new server or when reinstalling the OS for an existing server.

  1. In the Control panel, on the top menu, click Products and select Dedicated Servers.
  2. Go to the SSH Keys section.
  3. Click Add SSH key.
  4. Enter the key name.
  5. Paste the public SSH key.
  6. Click Add.

3. Place an SSH key on a dedicated server

You can place a public SSH key:

Place an SSH key on a dedicated server by reinstalling the OS

  1. In the Control panel, on the top menu, click Products and select Dedicated Servers.

  2. In the Servers section, open the Server list tab.

  3. Open the server page → Operating System tab.

  4. Click Reinstall OS.

  5. In the SSH key field, add an SSH key:

    • check the box for the required SSH key that you have added to the SSH key repository;
    • or click Add new key. Enter a key name and paste the public SSH key you created earlier. Click Add. The key will be added to the SSH key repository.

  6. Click Install.

Place an SSH key on a dedicated server without reinstalling the OS

Without reinstalling the OS, a public SSH key can be placed on the server only by copying the key from the local computer. The ssh-copy-id command adds the public SSH key to the end of the ~/.ssh/authorized_keys file. The command creates the directory and file if they have not been created yet.

  1. Open the CLI on your local computer.

  2. Copy the public SSH key to the server:

    ssh-copy-id -i <path> <username>@<ip_address>

    Specify:

    • <path> — the full path to the public key on your local computer, for example ~/.ssh/id_rsa.pub;
    • <username> — the username;
    • <ip_address> — the server's public IP address.

  3. Enter the user password.