Generating an SSH key for secure access

Generating an SSH key for secure access

What you'll learn: how to create an SSH key and add it to your hosting account, so you can log in (or upload files) without typing a password.

What's an SSH key?

A pair of files: a private key (lives on your computer, never share) and a public key (you upload to the server). When you connect, your computer proves it has the private key — no password needed.

It's more secure than a password and more convenient too.

Step 1 — Generate a key on your computer

Mac / Linux

Open Terminal and run:

ssh-keygen -t ed25519 -C "your.email@example.com"
  • Press Enter to accept the default location (~/.ssh/id_ed25519).
  • Set a passphrase if you want extra protection (optional but recommended).

Windows

  • Open PowerShell and run the same command above (Windows 10+ has SSH built in).
  • Or use PuTTYgen — install PuTTY and use the bundled key generator app.

You now have two files:

  • id_ed25519 — your private key. Never share this.
  • id_ed25519.pub — your public key. Safe to share.

Step 2 — Copy your public key

cat ~/.ssh/id_ed25519.pub

This prints a single long line that looks like:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH... your.email@example.com

Select the whole line and copy it.

Step 3 — Add the key in the panel

  1. Click your username (top-right) → SSH keys (or sidebar → SSH keys if available on your account).
  2. Click Add SSH key.
  3. Give it a friendly name (like "MacBook Pro").
  4. Paste the entire public key into the box.
  5. Click Save.

Step 4 — Connect

Now from your terminal:

ssh yourusername@yourdomain.com

If you set a passphrase on the key, you'll be asked for that (not your account password). Otherwise you'll be straight in.

For SFTP apps, point them at the private key file (~/.ssh/id_ed25519) in the authentication settings instead of typing a password.

Tips

  • Keep your private key private. Don't email it, paste it in chat, or store it in a public folder. If it leaks, anyone can log in as you.
  • Use a passphrase. It's an extra layer of protection if your laptop is lost or stolen.
  • One key per computer. Generate a new key on each device rather than copying one around.
  • Add a separate key for any contractor. Don't share your key — give them their own and remove it when their work is done.

If something goes wrong

  • "Permission denied (publickey)" — the public key isn't on the server, or you're using a different private key. Check that the public key in the panel matches the one on your computer (cat ~/.ssh/id_ed25519.pub).
  • "Bad passphrase" — that's the passphrase for your key, not your account password.
  • You lost your private key — generate a new one and add the new public key in the panel. Remove the old one.

Related articles