: Disable Root Logins & Replace With SSH Key



Rise Company
13-01-2020, 05:29
Disable Root Logins & Replace With SSH Key
Disable SSH password authentication in the SSH Password Authorization Tweak area
Setup SSH Keys & Disable root login with Password
Manage root SSH Keys and use PuTTY

https://www.youtube.com/watch?v=yiUpJR2Aucg

----------------------------------------------------------
SSH Password Authorization Tweak whm
----------------------------------------------------------

Disabling Password Authorization

https://www.rise.company/forum/images/imported/2020/01/3.png

Log into WHM as the root user.

https://www.rise.company/forum/images/imported/2020/01/4.png


Click the Security Center option in the navigation menu.

https://www.rise.company/forum/images/imported/2020/01/5.png


Select the SSH Password Authorization Tweak button.

https://www.rise.company/forum/images/imported/2020/01/6.png
On the next page click the Disable Password Auth button.

https://www.rise.company/forum/images/imported/2020/01/7.png

You are finished when you see message stating
Password Auth has been disabled!
Congratulations, now you know how to disable password authorization in WHM!
######################################

----------------------------------------------------------
Manage roots SSH Keys whm
----------------------------------------------------------

SSH Protocol allows you to secure file transfer and remote logins to your server over the internet. The connection via SSH is encrypted and allowing the secure connection between client program PuTTY as example and linux server. This document contains:


Generate SSH Key from WHM
Configure PuTTY to secure connection to your VPS Or Dedicated Server
Connect To your VPS , Dedicate server using PuTTY SSH Key

You can generate ssh key from WHM by following these steps:


Login to WHM as root account
Navigate to Security Center link in the Home page of WHM

https://www.rise.company/forum/images/imported/2020/01/8.png
On the Security Center Page Navigate to Manage Roots SSH Keys linkalso in this section you can manage/delete keys if you have already generate SSH Keys before

https://www.rise.company/forum/images/imported/2020/01/9.png
Once you click Create a New Key you have to fill the following :

Key Name: The keys name. that can be reconized by the root user. The defult name if leave it blank is id_rsa
Key Password: is the password phrase that protect this public key
Password (again):Re-Type the password its important to type a strong password Or you can Click Password Generator to allow WHM Generate Strong Password
Key type:DSA Provides quicker key generation and signing times.RSA Provide quicker verification times.
Key size:Greater key sizes are more secure, but they result in larger file sizes and slower authentication times.

https://www.rise.company/forum/images/imported/2020/01/10.png
click Generate Key and if everythig is ok you should see result something like

https://www.rise.company/forum/images/imported/2020/01/11.png


Now you can go again to Manage roots SSH Keys and from the list on action you can click Manage Authorization to to authorize the key if the status is not authorized

https://www.rise.company/forum/images/imported/2020/01/12.png
To use the PuTTY client application now you have to create PuTTY PPK format key ,click View/Download Key link from list in Private Keys

https://www.rise.company/forum/images/imported/2020/01/13.png
from the Next Page on Private SSH Key id_rsa (PuTTY PPK format) and Enter the passphrase to unlock id_rsa for conversion the passphrase is the password that you enter in the step number 4 on this document and click convert ,Then you can copy the contents of the next page and save it on your local computer as ppk file extension and this file is ready to use it in PuTTY to connect to your server in secure connection.

https://www.rise.company/forum/images/imported/2020/01/14.png


----------------------------------------------------------
Manage roots SSH Keys Putty
----------------------------------------------------------



Configure PuTTY to secure connection to your VPS Or Dedicated Server

Now after you saved your private key file ppk on your local computer ,you can now configure the PuTTY software , if you dont have the PuTTY installed on Your local computer you can download it from Download PuTTY Link, then open your PuTTY and follow these steps to prepare the PuTTY to secure connection to your server:


Open PuTTY and from the session tab type your server IP

https://www.rise.company/forum/images/imported/2020/01/15.png
Now be sure that you assign root Auto-Login User on PuTTY from Connection >> Data

https://www.rise.company/forum/images/imported/2020/01/16.png
> Data Auto-Login User">
Now allow PuTTY to use the Private key ppk that you already prepare in the pervious section Add the file location from Connection >> SSH >> Auth >> on Private key file for authentication :

https://www.rise.company/forum/images/imported/2020/01/17.png

Connect To your VPS , Dedicate server using PuTTY SSH Key:
Now once you click connect the screen should show as following, prompting you to enter the password that you already created first
Using username root.
Authenticating with public key imported-openssh-key
Passphrase for key imported-openssh-key:

:
Cpanel SSH Access with PuTTY (https://www.rise.company/forum/threads/51501-%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D8%B4%D9%8A%D9%84-%D9%85%D9%86-%D8%AE%D9%84%D8%A7%D9%84-%D8%A7%D9%84%D8%B3%D9%8A-%D8%A8%D8%A7%D9%86%D9%84-Cpanel-SSH-Access-with-PuTTY)
https://blog.cpanel.com/linux-security-enhancement-with-cpanel-whm/