How to configure SSH keys using cPanel

Cheap reseller Hosting

Configuring SSH keys using cPanel involves generating a key pair on the server and adding the public key to your server’s authorized keys file. Here’s a breakdown of the steps:

Generating a Key Pair on cPanel:

  1. Log in to cPanel.
  2. Navigate to the Security section and find the SSH Access tool.
  3. Click on Manage SSH Keys.
  4. Click on Generate a New Key.
  5. You can choose a name for the key pair or leave the default “id_rsa”.
  6. Optionally, set a strong password for the key and click Generate Key.

Adding the Public Key to Authorized Keys:

  1. In the Manage SSH Keys section, you need to scroll down to the Authorized Keys area.
  2. Next, you have to click on Manage next to the key you just generated.
  3. A box with the public key will be displayed. You can copy the entire contents of the box.
  4. Here you’ll need to access your server through another method (like root access or a current SSH connection) and add the copied public key to the authorized_keys file located in the .ssh directory of your home directory.

Downloading the Private Key (for SSH client):

  1. Go back to the Manage SSH Keys section in cPanel.
  2. Find the key you have created under Private Keys.
  3. Click View/Download next to the key.
  4. You’ll see the option to convert the key to PPK format (if using PuTTY). Then, you have to choose the conversion if needed.
  5. Click on Download Key and save the private key securely on your local machine. This private key will be used for SSH login with your client program.


  • Make sure to keep your private key confidential and avoid sharing it with anyone.
  • Consult your SSH client’s documentation for specific instructions on using the private key for login.

For a more detailed walkthrough, you can refer to resources like the cPanel documentation or tutorials from web hosting providers.

Cheap web Hosting

How To Reset A Kloxo Or LxAdmin Password From SSH

Cheap reseller Hosting

How to Reset A Kloxo Or LxAdmin Password From SSH

Kloxo is an another useful free control panel for web hosting management.

When your VPS is installed by us with lxadmin the password will be the same as what you asked for on setup.

If not try “admin”

Note: if you reinstall yourself it will also be “admin”

If you still can’t login:

Step 1 : Login via SSH server as root.

Step 2 : Execute the script.

cd /usr/local/lxlabs/kloxo/httpdocs


cd /usr/local/lxlabs/lxadmin/httpdocs

Step 3 : Restart Kloxo.

/usr/bin/lphp.exe ../bin/common/resetpassword.php master

Step 4 : Now try your password again.

If you still can’t get it to work, create a support ticket at Hostripples client area.

Reset a Kloxo

That’s it!!



Cheap web Hosting

How to Reboot your cpanel/whm in ssh

Cheap reseller Hosting


Reboot your cpanel

How to Reboot your cpanel/whm in ssh

If you happen to mess up your ssh configuration some how you can reset the ssh config from Cpanel then restart your machine via ssh by using following command

/etc/init.d/cpanel restart







If you cannot reboot your server manually, you can restart it by requesting a power cycle.

1) Log in to your Account Manager.

2) Click Servers.

3) Next to the server you want to use, click Manage.

4) Click Power.

5) Click Restart.



Cheap web Hosting

Simple way to protect SSH against or not protect against

Cheap reseller Hosting

Protect SSh

SSH will protect against

Seven important steps to Secure Shell protects against (again, from the README)

Step 1) Eavesdropping of data transmitted over the network.

Step 2) Manipulation of data at intermediate elements in the hosts.

Step 3) IP address spoofing where an attack hosts pretends to be a trusted host by sending packets with the source address of the trusted host. Ssh even protects against a spoofer on the local network, who can pretend he is your router to the outside.

Step 4) DNS spoofing of trusted host names/IP addresses, where an attacker forges name server records

Step 5) IP source routing, where a host can pretend that an IP packet comes from another, trusted host.

Step 6) Interception of cleartext passwords and other data by intermediate hosts.

Step 7) Attacks based on listening to X authentication data and spoofed connection to the X11 server


SSH will not protect against

Secure Shell will not help you with anything that compromises your host’s security in some other way. Once an attacker has gained root access to a machine, he can then subvert ssh, too.

Step 1) Incorrect configuration or usages.

Step 2) A compromised root accounts.

Step 3) Insecure home directories: if an attacker can modify files in your home directory (e.g. via NFS) he may be able to fool SSH



Cheap web Hosting

SSH Connection Sequence

Cheap reseller Hosting



The following series of events help protect the integrity of SSH communication.

SSH Connection Sequence

1) A cryptographic handshake is made with the server

2) The connection between client and remote server is encrypted using symmetric cipher

3) Client authenticates itself

4) Client can now interact safely with remote server over encrypted connection



Cheap web Hosting

How to Installation Linux Malware Detect (Maldet) On Linux

Cheap reseller Hosting

Linux Malware Detect (Maldet) :

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.

Follow the steps below to install maldet on your server.

A) Install maldet on your server

1) SSH to your server
2) Download the tar file and install it.

cd /usr/local/src/ && wget && tar -xzvf maldetect-current.tar.gz && cd maldetect-* && sh

This will automatically install a cronjob inside /etc/cron.daily/maldet so a daily scan will be run for local cPanel or Plesk accounts.

B) Update to the latest version and virus signatures:

maldet -d && maldet -u

C) Run the first scan manually

Launch a background scan for all user’s public_html and public_ftp in all home directories, run the following command:

maldet -b –scan-all /home?/?/public_?

D) Verify the scan report

1) List all scan reports time and SCANID:

maldet –report list

2) Show a specific report details :

maldet –report SCANID

3) Show all scan details from log file:

grep “{scan}” /usr/local/maldetect/event_log

E) Clean the malicious files

The quarantine is disabled. You will have to launch it manually.

maldet -q SCANID

Cheap web Hosting