How to Set Up SSH Key Authentication and Disable Password Login Print

SSH key authentication is a more secure and convenient way to access your VPS compared to traditional password-based login. This guide will show you how to configure SSH key-based login on your VPS and disable password authentication for maximum security.

Step 1: Generate an SSH Key Pair (On Your Local Machine)

If you don’t already have an SSH key pair, create one on your computer.

On Linux, macOS, or Windows (with PowerShell):

ssh-keygen

• Press Enter to save in the default location (~/.ssh/id_rsa)

• Optionally enter a passphrase for extra security

This creates:

• Private key: ~/.ssh/id_rsa (keep this secure)

• Public key: ~/.ssh/id_rsa.pub (you will copy this to your VPS)

Step 2: Upload Your Public Key to the VPS

Use the ssh-copy-id command:

ssh-copy-id root@your_server_ip

If ssh-copy-id is unavailable, manually copy the key:

1. Display the public key:

cat ~/.ssh/id_rsa.pub

2. Connect to your VPS:

ssh root@your_server_ip

3. Create the .ssh directory and add the key:

mkdir -p ~/.ssh && chmod 700 ~/.ssh
echo "your_public_key_here" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

Step 3: Test Key-Based SSH Login

Open a new terminal window and log in using your key:

ssh root@your_server_ip

If successful, you’ll connect without entering a password.

Step 4: Disable Password Authentication

After verifying key-based login works, disable password access.

1. Open the SSH config file:

nano /etc/ssh/sshd_config

2. Find and modify or add the following lines:

PasswordAuthentication no
PermitRootLogin prohibit-password

(Remove any # to uncomment the lines if necessary)

3. Save and exit (Ctrl + X, then Y, then Enter)

4. Restart the SSH service:

On Debian/Ubuntu:

systemctl restart ssh

On CentOS/AlmaLinux:

systemctl restart sshd

Step 5: Recover Access if Locked Out (Optional)

If you lock yourself out by mistake, you can reset root access from the Virtualizor control panel:

1. Log in to the control panel: https://vps.hosteons.com

(You can also access it via https://my.hosteons.com > Services > VPS > Manage VPS)

2. Use the built-in VNC Console to access your VPS directly

3. Re-enable password login in /etc/ssh/sshd_config, then restart SSH.

Conclusion

SSH key authentication provides a more secure and reliable way to access your VPS. Disabling password login helps prevent brute-force attacks and improves overall server security.

If you need help setting up SSH keys or restoring access, contact Hosteons Support.