Here’s how to setup SSH Key Authentication when you are using A2 Hosting‘s Linux shared web hosting.
SSH Key Authentication uses key pairs – a public key and a private key.
These public keys are stored in files. There will be two files, typically.
The public key needs to be on the web server, and the private key on your local workstation.
From your account overview page, go to your cPanel.
Scroll down to the Security heading, and find the SSH Access icon.
Then click the “Manage SSH Keys” button.
Click “Generate a New Key”.
You’ll see a page similar to this. Give the key a name, and a password.
I recommend you name the key something that will help identify it later – like “a2hosting_rsa”.
A password? Yep, it’s to protect the private key file. We’ll show you how easy this is to use shortly.
Then click the “Generate Key” button.
When done, you’ll see a message and use the “Go Back” link.
You’ll now see a new public key and new private key.
Notice the new key is “not authorized”, so click “Manage”.
Now, click “Authorize”.
When you return to the keys page, you’ll see it’s now authorized. Behind the scenes, there will now be an authorized_keys file in the .ssh folder in your home drive (on the web server).
At this point, we’re about half done. The public key is now in place on the web server. But, we still need to get the private key onto our local machine. In this case, we’ll describe how to do this on MacOS, but Linux is similar.
Notice that the private keys section of the page has a view/download link. Click it.
You can now either copy/paste or download the key file.
NOTE: Keep your private key secure. As you can see in this screenshot, I’ve blurred the value. This is also a test key, and I’ll not be keeping it after creating this tutorial.
Let’s use the download button.
The key file will be in your downloads folder.
From here, we need to move it to your .ssh folder, set file permissions and add it to the SSH-agent.
So, to get started, launch a Terminal.
Then, run these commands.
cp ~/Downloads/a2hosting_rsa ~/.ssh chmod 600 ~/.ssh/a2hosting_rsa ssh-add ~/.ssh/a2hosting_rsa
The first command copies the private key file from your downloads directory, to the .ssh directory in your home directory.
Then, we need to set 600 permissions on the file. This is a requirement, so that only the user owning the file can read or write to it. SSH won’t allow you to use files that have more permissions than this.
Lastly, we use ssh-add to load the private key into memory. You will have to supply the password/passphrase you set earlier.
After this is done, you should also rm (remove) the private key file from the downloads directory.
How to test?
Try to SSH into your host – you should get in, with no password required.
Your command will look something like the following.
ssh [email protected] -p7822
Replace “user” with the username assigned to you by A2 Hosting, and replace the “az1-ls99.a2hosting.com” with your actual server name.
A2 Hosting’s SSH access uses a non-standard port, for a mild security improvement. Hence, we have the -p option for using TCP port 7822 to connect.