Securing remote server access is one of the most critical responsibilities for system administrators. Traditional password-based SSH logins are highly vulnerable to brute-force attacks, credential leaks, and automated login attempts.
A more secure and recommended approach is SSH key authentication, which replaces passwords with encrypted cryptographic key pairs. This guide explains how to enable SSH key authentication in cPanel/WHM and safely connect to your server.
Why Use SSH Keys Instead of Password Authentication?
SSH key authentication enhances server security by verifying identity through encryption rather than reusable passwords.
Unlike passwords that attackers can guess or steal, SSH keys require possession of a private cryptographic key stored on your local system.
Key Benefits of SSH Key Authentication
- Strong protection against brute-force attacks
- Eliminates password-based login risks
- Faster and automated authentication
- Industry-standard secure server access method
- Reduced chances of credential compromise
Step 1: Access SSH Security Settings in WHM
- Log in to WHM as the root user.
- Navigate to:
Main → Security Center → SSH Password Authorization Tweak
- Disable Password Authentication.
Disabling password authentication ensures only SSH keys can be used for login, significantly improving server protection.
Step 2: Generate an SSH Key in WHM
- Go to Manage SSH Keys in WHM.
- Click Generate a New Key.
- Enter a descriptive Key Name.
- Create a strong passphrase.
- Select a key type:
- ED25519 (Recommended for modern servers)
- RSA (Widely supported)
After generation, WHM creates:
- Public Key
- Private Key
Step 3: Authorize the Public Key
To allow SSH access:
- Locate the generated Public Key.
- Click Authorize.
Authorizing the key tells the server to trust connections authenticated using the matching private key.
Step 4: Download the Private SSH Key
Download the private key to your local computer.
Important Security Notes
- Never share your private key.
- Store it securely.
- Keep backup copies in encrypted storage.
Windows users:
Convert the key into .ppk format using PuTTYgen if connecting via PuTTY.
Step 5: Set Secure Permissions for the Private Key
Restrict access to the private key file:
chmod 600 /path-to-file/file.keyThis ensures only your user account can read the key.
Step 6: Connect to the Server Using SSH Key Authentication
Use the following command:
ssh -i /path-to-file/file.key root@server.ip.addressIf configured correctly, SSH will authenticate using the key instead of a password.
SSH Security Best Practices
- Use strong passphrases for all SSH keys
- Confirm key login works before disabling passwords
- Rotate SSH keys periodically
- Avoid sharing private keys between users
- Maintain secure backups of authorized keys
Why SSH Key Authentication Matters for Server Security?
Implementing SSH key authentication in cPanel/WHM significantly strengthens server access control. By eliminating password logins, administrators can prevent common intrusion methods and reduce unauthorized access risks.
SSH keys are now considered a standard security requirement for production servers and cloud environments.
Final Thoughts
Enabling SSH key authentication is a simple yet powerful way to harden server security. With encrypted authentication and restricted access methods, administrators gain better protection against automated attacks and credential theft.
Adopting SSH keys should be a mandatory best practice for every modern hosting or enterprise server setup.
If you require help or have any doubt, contact SupportPRO Server Admin
Partner with SupportPRO for 24/7 proactive cloud support that keeps your business secure, scalable, and ahead of the curve.
