SSH keys are a more secure and convenient alternative to passwords for command-line access. Instead of typing a password each time (and risking it being guessed), you use a cryptographic key pair. cPanel makes generating and managing them straightforward. Here’s how.
How SSH keys work
An SSH key comes in two halves: a private key that stays secret on your computer, and a public key that lives on the server. When you connect, the two are matched cryptographically to prove your identity — no password travels across the connection. This is both more secure (keys are effectively impossible to guess) and more convenient (no password to type).
Generating a key pair in cPanel
- In cPanel, open SSH Access under the Security section, then Manage SSH Keys.
- Click Generate a New Key.
- Optionally set a key passphrase (an extra layer protecting the private key) and choose the key type and size — the defaults are secure.
- Click Generate Key.
cPanel creates both halves of the pair.
Authorising the key
A generated key isn’t active until it’s authorised. Back on the Manage SSH Keys page, find your new public key and click Manage, then Authorize. This tells the server to accept logins using that key. Skip this step and the key won’t work.
Using the key to connect
Download the private key from cPanel and store it securely on your computer — treat it like a password and never share it. Then point your SSH client at it when connecting. On Mac or Linux you reference it with the -i flag; on Windows, PuTTY needs it converted to its own format first (cPanel can provide a compatible version). Once set up, you connect without typing a password.
Bringing your own key
If you already have an SSH key pair — many developers do — you can skip generating a new one and simply import your existing public key into cPanel, then authorise it. This lets you use the same key across multiple servers.
Keeping keys secure
The security of this whole system rests on your private key staying private. Store it safely, protect it with a passphrase, and if a computer holding it is ever lost or compromised, remove that key’s authorisation in cPanel immediately and generate a new pair. Revoking a key is as simple as deauthorising it.
When you’d want this
SSH keys are worth setting up if you use the command line regularly, deploy code, or want the most secure access to your account. If you’re setting up automated deployments or a developer workflow, keys are the professional standard — and we’re happy to help you get them configured.