Before you start, there are a few things you need:
A virtual private server running any of OS options
Your server’s IP address
Your login/password credentials
Your preferred SSH client
If you are not familiar with these terms or where to find them, don’t worry. Let’s go through them one by one:
Your server’s IP address is similar to the address of your home or apartment. It tells your computer where your server is located on the internet. You can easily find your server’s IP address by logging into the SSD Grow dashboard, navigating to Services -> My services in the left-hand navigation, or by finding the appropriate server under My active servers. Click on the specific server you want to log into and look for the Primary IP heading.
If this is your first time logging in, you will be using the administrative account, also referred to as the Superuser. The Superuser account is typed in as “root”.
You can confirm that you are using the Superuser account by checking the “Primary IP” heading. Your default password can also be found here.
OpenSSH is the default SSH client for Linux and OS X computers, and it should already be installed. To get started, open a terminal using the ssh command.
For Windows, we suggest using PuTTY, a free and open-source program. We recommend downloading the MSI installer to ensure you have all the necessary tools to perform more advanced techniques, such as key-based logins.
SSD Grow servers are accessible through SSH, so you don’t need to spend any time on setup—just launch your favourite terminal emulator (Linux/OS X) and call the ssh command using the root user and the IP address you found above:
You might get a warning the first time you try connecting to your server—simply put, your computer just doesn’t recognize the remote server. You can safely type yes here—you won’t see the warning again.
From here, you’ll be asked for your password—remember that it’s case-sensitive!
At this point, you should be logged in and ready to take the next steps with your VPS Hosting.
If you’re using a Windows machine, we recommend PuTTY to log in to your VPS Hosting. If it’s your first time launching PuTTY, you’ll be prompted with a configuration screen. Use the following configurations:
Click Open to begin the connection. If this is your first time, you’ll see a short warning. You can accept the connection by clicking Yes.
First, you’ll be prompted for a user account:
Enter root here. You’ll be prompted for your password.
Currently, you may access your server and execute all commands as the root user. This user has the authorization to modify every aspect of your server. While this is beneficial for administrative purposes, frequently logging in and navigating your VPS Hosting as a root user could compromise your server’s security.
Therefore, creating a new user account specifically for administrative tasks is recommended. You can choose your preferred username to replace the default one.
The command will ask you to input a password. We highly recommend a strong, secure password.
You’ll also be asked to input some other information. The default option is fine, so just hit Enter for each of these and then type Y to confirm.
Add the new user to the sudo group.
Before we can test out whether sudo access is working, we need to log into the user account.
Now, make sure your sudo access is working. One way of doing this is by listing the /root/ directory, which is only possible with sudo access. You’ll be asked for your user’s password to authenticate.
SSH is an inherently secure method of connecting to remote servers. However, there are some additional steps you can take to further enhance the legitimacy of your connections. The easiest and best way to achieve this is by using SSH keys.
SSH authentication involves a public key and a private key. While the public key can be shared freely on the internet, you should never share your private key with anyone or take it outside your local machine. By placing your public key on your VPS Hosting, you can match it up with your private key to log in. This significantly increases the security of your connection, as SSH keys are extremely difficult to attack through brute force.
First, create your keys on your local machine:
You’ll be prompted with a request on where to save the newly-created files.
The best option here is to type Enter and place the keys in their default location. Next, you’ll be asked for a passphrase.
When it comes to securing your SSH key, there are advantages and disadvantages to using a passphrase. On one hand, a passphrase can provide an extra layer of security since even if someone gains access to your private key, they will still need to know your passphrase to use it. It’s almost like having two-factor authentication for SSH.
However, using a strong passphrase means you’ll have to type it in every time you use your key. It’s important to consider all the factors for your particular application. If it’s a personal server, a weaker passphrase or no passphrase at all may be sufficient. But if you’re hosting user data, then security becomes a top priority.
After you’ve made your decision, you’ll be prompted to enter your passphrase (if you choose to use one). Once you do, the program will create your keys and provide additional output. Your public key (which can be shared) will be located at /home/local-user/.ssh/id_rsa.pub, while your private key will be located at /home/local-user/.ssh/id_rsa.
Now, you need to copy your public key to the VPS Hosting that you want to log into. The easiest way to do this is to use the ssh-copy-id program.
If you don’t have that program available, you can also use the following command, which pipes the content of your public key file through SSH and appends the output to the end of the authorized_keys file on your server.
You’ll see some output related to connecting to the server and copying your public key into the authorized_keys file on the VPS Hosting. Now you can try logging in with SSH again.
If you did not secure your SSH key with a passphrase, you’ll be immediately logged in. If you used a passphrase, SSH will ask for it. It’s important to remember that SSH is asking for your SSH key’s passphrase , not any of the user passwords you might have entered in earlier steps.
Once you’ve ensured that you can log into your VPS Hosting with SSH keys, you can further improve security by disabling password-based logins for the root user and others.
Log into your VPS Hosting if you’re not already.
Open up the SSH configuration file in your editor of choice. nano is a user-friendly option for those newer to Linux administration.
You’re looking for two lines: one that begins with PermitRootLogin and another that begins with PasswordAuthentication. Change them to the following:
Finally, reload ssh to enable this change (for Ubuntu-based servers).
Starting now, you will be able to log in to your VPS Hosting using your SSH key. Direct login to the root account will no longer be available. This change will enable you to access your VPS Hosting more securely and effortlessly via SSH authentication. With a bit of good fortune, everything should work smoothly.
In conclusion, establishing a secure SSH connection to your VPS is essential for safeguarding your data and system integrity. With the steps you’ve learned how to connect to your VPS securely and implement crucial security measures. Remember to regularly update your SSH configuration, use strong passwords or SSH keys, and monitor access logs for any suspicious activity. With these practices in place, you can confidently manage your VPS Hosting and protect it from unauthorized access and potential security threats.