SSH Access

SSH Login

To connect to your VPS Server, there are 2 primary authentication methods: password or key file. Your server provider will provide you with one of these after purchase.

• Download your preferred SSH Client, we recommend: PuTTY

• Enter your server's IP address in the Hostname field.

• Leave the port as 22 for SSH Access (unless your VPS provider specifies otherwise)

• If it is password you have, the SSH client will prompt you to type it in, if it is a key file, you have to specify the location on your SSH client as shown below:

• Click on Open to start the connection, you will be prompted for username.

After successful connection to the server, you will have an interface as shown below. This is where you will type in commands.

For example: To navigate to a directory, run the command cd /path/to/the/directory

SSH Key File (optional)

If your server already provided you with key file for authentication, then you may skip this step, but if you were provided with password instead, this section contains instructions on how to convert to SSH key file, as it is the most secure.

First you need to generate your own key file using PuTTYgen. (it is included with PuTTY installation)

• Open the PuTTYgen program.

• For Type of key to generate, select SSH-2 RSA.

• Click the Generate button.

• Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair.

• Type a passphrase in the Key passphrase field. Type the same passphrase in the Confirm passphrase field. You can use a key without a passphrase, but this is not recommended.

• Click the Save private key button to save the private key. Warning! You must save the private key. You will need it to connect to your machine.

• Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All. (This is what you need to save on your server to enable key file authentication)

• Right-click again in the same text field and choose Copy.

Copy Public Key to Server

You have to save the copied public key on your server to enable authentication file.

• If you are not already logged in, Login to the server (see: SSH Login)

• Create your .ssh directory using the command:

mkdir -p ~/.ssh

• Run the command:

echo "your copied public key here" >> ~/.ssh/authorized_keys

• Now, you should close the current session, and try to login with the newly created key file. (see: SSH Login)

Disable Password Login

Finally, you need to disable the password login, so that the only means of authentication to your server will now be through the created key file. (If your server already provided you with a key file upon purchase, the password login will be disabled by default, so you may skip this section)

While logged in as the root user (using the SSH Key file).

• Edit the file: /etc/ssh/sshd_config

sudo nano /etc/ssh/sshd_config

• Look for the line and uncomment it (by removing the #). If it was set to yes, change it to no:

#PasswordAuthentication no
#ChallengeResponseAuthentication no

• Save the file (Ctrl + O)

• Now restart the service:

sudo service ssh restart

Creating User

We recommend installing Cryptitan under a newly created user with less privilege than the root user, this section will guide you through the process.

• First you need to login as the root user since that is the account that has the permission to create a new user account (see: SSH Login)

• Run the command:

sudo useradd -m neoscrypts

• While still logged in as the root user, switch to the newly created user account using the command:

sudo su - neoscrypts

Now you need to copy the public key into the newly created user account to enable authentication with SSH key. If you don't have a key file yet, refer to SSH Key File section

• Set the public key by using the same instructions as above

Upload Files

You need to setup your preferred SFTP client, to be able to upload files to the server, We recommend: WinSCP

• Enter your server's IP address as Host name

• Set your port to 22 (unless specified otherwise by your provider)

• Set your username (always upload as the created user account, do not upload as root user!)

• If you have enabled key file authentication as we recommended, click on Advanced

• Select the path to your key file and click on OK.

• Save and click on Login to start session

• At the top bar, enter the directory path you want to navigate to.

• Finally, to upload a file, simply drag and drop the file into the remote area.