How to set up SSH keys?
Connect to the server via SSH;
Create the RSA Key Pair:
# ssh-keygen -t rsa -b 2048
Use default location
/root/.ssh/id_rsaand setup passphrase if required.
The public key is now located in
The private key (identification) is now located in
Note: Permissions for the private key should be
Copy the public key to another server using the
# ssh-copy-id firstname.lastname@example.org
IP addressshould be replaced with second server's credentials.
Alternatively, copy the content of
/root/.ssh/authorized_keyson the second server.
Note: permissions for the
authorized_keysfiles should be set to
After that, it should be possible to connect to the server for
email@example.com a password. However, if the passphrase was set, you will be asked to enter the passphrase every time at login.
Since Plesk 12.0, SSH Keys Manager can be used to upload public part of SSH key pair to a Plesk server.
After successful login using the SSH key, it is possible to restrict the root login to only be permitted via SSH keys. In order to do this, open up the SSH config file:
# vi /etc/ssh/sshd_config
Within that file, find the line that includes
PermitRootLoginand modify it to ensure that users can only connect with their SSH key:
Apply the changes:
# service sshd reload