Generate SSH Key for Wheel Group User

zlesavich

Member
Aug 11, 2014
14
0
51
cPanel Access Level
Root Administrator
I've disabled the password SSH login as suggested by the Security Advisor. I've also disabled root logins and have created an elevated user. How do I make a public and private key for the elevated user?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello :)

You can generate a SSH key for the wheel user by accessing cPanel as that user and browsing to:

"cPanel >> SSH/Shell Access"

Otherwise, you can temporarily enable password authentication so you can access SSH as the user and generate a key using:

Code:
ssh-keygen -t rsa
Thank you.
 

zlesavich

Member
Aug 11, 2014
14
0
51
cPanel Access Level
Root Administrator
Hello :)

You can generate a SSH key for the wheel user by accessing cPanel as that user and browsing to:

"cPanel >> SSH/Shell Access"

Otherwise, you can temporarily enable password authentication so you can access SSH as the user and generate a key using:

Code:
ssh-keygen -t rsa
Thank you.


The user I created does not have an account on the server. I just did a "useradd" in CentOS, and I couldn't login to WHM or cPanel with the elevated user. I generated a key regardless just by enabling password auth. The server keeps refusing the key. How do I make them authorized?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
You can import the public key via:

"WHM Home » Security Center » Manage root’s SSH Keys"

Thank you.
 

zlesavich

Member
Aug 11, 2014
14
0
51
cPanel Access Level
Root Administrator
Thanks for the help so far,

I've imported both the public and private key, and have authorized them under the ROOT SSH keys section. I've also run the keys through PuTTY Gen and have tried to run them through putty. When I try and login through Putty, I get another server refused key error.

==Update==

One more quick question, the server also seems to be rejecting public keys. Is this by default? How do I make it accept public keys.
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Typically, you authorize the public SSH key on the server, and then use the private key when accessing SSH from your computer.

Thank you.
 

zlesavich

Member
Aug 11, 2014
14
0
51
cPanel Access Level
Root Administrator
Let me just recap real quick. I used the useradd command to add a new user. I added that user to the wheelgroup. I generated a keypair with the code you gave me, and I uploaded them to the server with the "manage root keys" function as stated. The wheel user can't use the keys but root can.

How do I generate a keypair that a wheel group user is authorized to use, as the server keeps refusing root keys for said user?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
I generated a keypair with the code you gave me, and I uploaded them to the server with the "manage root keys" function as stated. The wheel user can't use the keys but root can.
Did you click on "Manage Authorization" for the public key in "WHM Home » Security Center » Manage root’s SSH Keys" and authorize it?

Thank you.
 

bhadazz

Registered
Dec 13, 2014
4
0
1
cPanel Access Level
Root Administrator
Let me just recap real quick. I used the useradd command to add a new user. I added that user to the wheelgroup. I generated a keypair with the code you gave me, and I uploaded them to the server with the "manage root keys" function as stated. The wheel user can't use the keys but root can.

How do I generate a keypair that a wheel group user is authorized to use, as the server keeps refusing root keys for said user?
zlesavich: I had the same issue. If you didn't resolve it yet do this.

Create a new user inside WHM (not via ssh) with a fake domain like: admin.com
Go into that user's cPanel (https://[server-ip]:2087/cpsess[whatever]/xfercpanel/[admin]
Create your keys in the cPanel admin of the fake admin.com domain you just created
Go back into WHM and import the new key info just as you did before

Hope this helps!