SSH Key Setup Guide
Set up secure, passwordless authentication with SSH keys for enhanced security
Why Use SSH Keys?
Security Benefits
- Virtually impossible to brute force
- Eliminates password vulnerabilities
- 4096-bit cryptographic protection
- Individual key revocation possible
Convenience Benefits
- Passwordless authentication
- Perfect for automation scripts
- No more forgotten passwords
- Faster connection process
Setup Process
1
Prerequisites & Requirements
What You Need:
- Active TinyBox VPS with SSH access
- Terminal/command line access on your computer
- Your VPS connection details (ID, hostname, port)
- Current password-based SSH access working
Platform Support:
- Linux (all distributions)
- macOS (built-in OpenSSH)
- Windows 10/11 (PowerShell/WSL)
- Windows (PuTTY + PuTTYgen)
Before You Start:
Make sure you can successfully connect to your TinyBox VPS using your current username and password. If you haven't set up SSH access yet, follow our Server Login Guide first.
2
Generate SSH Key Pair
⚠️ IMPORTANT SECURITY NOTICE
Always generate SSH keys on your LOCAL computer, never on the server. This ensures your private key never exists on any remote system.
Linux & macOS
Open Terminal and run the following command:
Command Explanation:
- • -t rsa: Use RSA algorithm
- • -b 4096: Generate 4096-bit key (maximum security)
- • -C tinybox: Add comment to identify the key
- • -f ~/.ssh/tinybox: Save as "tinybox" in SSH directory
Windows PowerShell
Open PowerShell as Administrator and run:
Start-Service ssh-agent
Then generate the key:
Key Generation Process:
- 1. Passphrase Prompt: Press Enter for no passphrase (or set one for extra security)
- 2. Confirmation: Press Enter again to confirm
- 3. Key Generation: Wait for the random art pattern to appear
- 4. Files Created:
~/.ssh/tinybox(private) and~/.ssh/tinybox.pub(public)
3
Server Configuration
Connect to your TinyBox VPS via SSH and prepare the server to accept SSH keys:
Create SSH Directory Structure:
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Permission Explanation:
- • 700 (~/.ssh): Directory readable/writable/executable by owner only
- • 600 (authorized_keys): File readable/writable by owner only
- • These permissions are required for SSH security
4
Install Public Key
Now we need to copy your public key to the server. Choose the method that works best for your setup:
Method 1: Automated Installation (Recommended)
The ssh-copy-id command automatically installs your public key:
Example with real values:
- • Replace YOUR_SSH_PORT with your calculated port (10000 + VPS ID)
- • Replace username with your VPS username
- • Replace YOUR_SERVER with your actual server hostname
Method 2: Manual Installation
If ssh-copy-id isn't available, manually copy the key content:
Step 1: Display your public key
Step 2: Add key to server
On your TinyBox VPS, paste the public key content into authorized_keys:
Paste your public key content, save (Ctrl+O), and exit (Ctrl+X).
5
Client Configuration
Configure your local SSH client to use the new key automatically:
Create SSH Configuration File:
Add the following configuration (replace with your server details):
HostName srv01.tinybox.sh
Port 10123
User username
PubkeyAuthentication yes
IdentityFile ~/.ssh/tinybox
IdentitiesOnly yes
Add Key to SSH Agent:
Configuration Benefits:
- • Simple Connection: Just run
ssh tinybox - • Automatic Key Selection: Uses the correct key automatically
- • Security: IdentitiesOnly prevents key guessing
- • Convenience: No need to specify port or username each time
6
Testing & Verification
Test your SSH key setup to ensure everything works correctly:
Test SSH Key Authentication
Method 1: Using SSH config alias
Method 2: Full connection command
Success Indicators
Working Correctly
- • Connects without asking for password
- • Shows server welcome message immediately
- • No authentication prompts or errors
- • Fast connection establishment
Needs Fixing
- • Still prompts for password
- • "Permission denied" errors
- • Connection timeouts or hangs
- • "Key not loaded" messages
Additional Verification:
Check which keys are loaded in SSH agent:
Test connection with verbose output (for troubleshooting):
7
Troubleshooting Common Issues
Permission Denied Errors
Symptoms:
- • Still asks for password despite key setup
- • "Permission denied (publickey)" errors
- • SSH falls back to password authentication
Solutions:
1. Check file permissions on server:
chmod 600 ~/.ssh/authorized_keys
chmod 600 ~/.ssh/tinybox
2. Verify authorized_keys content:
3. Check SSH daemon configuration (on server):
SSH Key Not Found
Symptoms:
- • "No such file or directory" errors
- • "Could not load identity file" messages
- • SSH agent reports no identities
Solutions:
1. Verify key files exist:
2. Re-add key to SSH agent:
3. Check SSH config file syntax:
Windows-Specific Issues
Common Problems:
- • SSH agent service not running
- • Keys not persisting between sessions
- • PowerShell permission issues
Windows Solutions:
1. Restart SSH agent service:
Start-Service ssh-agent
2. Set service to start automatically:
3. Alternative: Use PuTTY with Pageant for key management
Need Additional Help?
If you're still experiencing issues after trying these solutions, contact TinyBox support at [email protected] with details about your setup and any error messages you're seeing.
Security Best Practices
Key Management
- Use unique keys for different services
- Rotate keys periodically (annually recommended)
- Use passphrases for additional security
- Backup keys in secure, encrypted storage
Access Control
- Disable password authentication once keys work
- Regularly audit authorized_keys file
- Remove old or unused keys promptly
- Monitor SSH login logs for unusual activity