The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Generate SSH Key for Wheel Group User

Discussion in 'Security' started by zlesavich, Aug 12, 2014.

  1. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I've disabled the password SSH login as suggested by the Security Advisor. I've also disabled root logins and have created an elevated user. How do I make a public and private key for the elevated user?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,694
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can generate a SSH key for the wheel user by accessing cPanel as that user and browsing to:

    "cPanel >> SSH/Shell Access"

    Otherwise, you can temporarily enable password authentication so you can access SSH as the user and generate a key using:

    Code:
    ssh-keygen -t rsa
    Thank you.
     
  3. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator


    The user I created does not have an account on the server. I just did a "useradd" in CentOS, and I couldn't login to WHM or cPanel with the elevated user. I generated a key regardless just by enabling password auth. The server keeps refusing the key. How do I make them authorized?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,694
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks for the help so far,

    I've imported both the public and private key, and have authorized them under the ROOT SSH keys section. I've also run the keys through PuTTY Gen and have tried to run them through putty. When I try and login through Putty, I get another server refused key error.

    ==Update==

    One more quick question, the server also seems to be rejecting public keys. Is this by default? How do I make it accept public keys.
     
    #5 zlesavich, Aug 14, 2014
    Last edited: Aug 14, 2014
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,694
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  7. zlesavich

    zlesavich Member

    Joined:
    Aug 11, 2014
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Let me just recap real quick. I used the useradd command to add a new user. I added that user to the wheelgroup. I generated a keypair with the code you gave me, and I uploaded them to the server with the "manage root keys" function as stated. The wheel user can't use the keys but root can.

    How do I generate a keypair that a wheel group user is authorized to use, as the server keeps refusing root keys for said user?
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,694
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Did you click on "Manage Authorization" for the public key in "WHM Home » Security Center » Manage root’s SSH Keys" and authorize it?

    Thank you.
     
  9. bhadazz

    bhadazz Registered

    Joined:
    Dec 13, 2014
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    zlesavich: I had the same issue. If you didn't resolve it yet do this.

    Create a new user inside WHM (not via ssh) with a fake domain like: admin.com
    Go into that user's cPanel (https://[server-ip]:2087/cpsess[whatever]/xfercpanel/[admin]
    Create your keys in the cPanel admin of the fake admin.com domain you just created
    Go back into WHM and import the new key info just as you did before

    Hope this helps!
     
Loading...

Share This Page