Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
I use SSH to login to my server. cPanel offers a public key & private key.
Which should I really be using to login?
I converted the "public" key to .ppk (for putty) -- is this insecure? Should I be using the "private" key?
What is the difference?
The private key exists on your computer in a location known only two two elements: you and PuttY (or whatever program you use to SSH to the server.) When you log in, PuttY sends the private key, in combination with the passphrase, over a secure channel to connect with the public key. If it fits, it authenticates you.
If you are using cPanel or anything else, delete private key from the server after creation unless the app does it for you. The private key is to be guarded with your life. :-)
I'm no expert on SSH/GPG keys, but that is the vital info. I usually have an admin create the keys for me and set it up so I don't hose something up. :-)