← Back to Blog

How to Set Up SSH Keys on a VPS (2026)

Published May 4, 2026 · 5 min read · Galaxy Cloud Solutions

SSH keys are the right way to log into a VPS. They are more secure than passwords because there is no password to steal or brute force — authentication uses a cryptographic key pair that never travels over the network. Once you set them up, logging in is also faster since you do not type a password. Here is how to do it.

⚡ VPS from $5/mo — Use code LAUNCH2026 for 50% off

How SSH Keys Work

You generate two files: a private key that stays on your computer and a public key that you copy to the server. When you connect, your SSH client proves it has the private key without ever sending it. The server checks this proof against the public key it has stored. If they match, you are in.

Step 1: Generate a Key Pair

Run this on your local machine, not the server:

ssh-keygen -t ed25519 -C "[email protected]"

Ed25519 is the modern, recommended algorithm. RSA still works but ed25519 keys are shorter and more secure. When prompted for a file location, press Enter to use the default. When prompted for a passphrase, add one for extra security or press Enter to skip.

This creates two files: ~/.ssh/id_ed25519 (private key — never share this) and ~/.ssh/id_ed25519.pub (public key — this goes on the server).

Step 2: Copy the Public Key to Your Server

The easiest way if password auth is still enabled:

ssh-copy-id username@your-server-ip

If ssh-copy-id is not available (Windows users), do it manually:

# On the server
mkdir -p ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/authorized_keys
# Paste the contents of your id_ed25519.pub file here
chmod 600 ~/.ssh/authorized_keys

Step 3: Test the Key Login

ssh username@your-server-ip

You should log in without being prompted for a password. If it works, move to the next step.

Step 4: Disable Password Authentication

Once keys are working, disable password login so brute force attacks have nothing to work with:

sudo nano /etc/ssh/sshd_config

Find and set these lines:

PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
sudo systemctl restart ssh

Do not close your current session until you have tested that a new connection still works with your key.

Using Multiple Keys

If you work from multiple computers, add each computer's public key to ~/.ssh/authorized_keys on the server — one key per line. You can also specify which key to use for a specific server in your local ~/.ssh/config:

Host myserver
    HostName your-server-ip
    User ubuntu
    Port 22
    IdentityFile ~/.ssh/id_ed25519

After this you can connect with just ssh myserver.

Related Articles

How to Set Up an Ubuntu VPS for the First Time How to Set Up Fail2ban on a VPS How to Secure a Linux VPS How to Back Up a VPS

Add your SSH key at signup

Galaxy Cloud Solutions lets you add your SSH public key during order placement. It gets injected into your VM automatically — no password needed from day one. Plans from $5/mo — use code LAUNCH2026 for 50% off.

Get Started