SSH (Secure Shell) key pairs are essential for secure authentication to servers. However, there may be instances where regenerating SSH key pairs becomes necessary. This knowledge base provides detailed information on how to regenerate SSH key pairs in WHM cPanel for enhanced server security.

1. Understanding SSH Key Pairs:

   • SSH key pairs consist of a public key and a private key. The public key is shared with servers, while the private key is kept secure and used for authentication.

2. Accessing WHM for SSH Key Pair Management:

   • Log in to WHM using your administrator credentials.

3. Navigating to SSH Key Pair Configuration:

   • Locate and select 'SSH Key Pair' from the WHM menu.

4. Reviewing Current SSH Key Pairs:

   • Check the list of existing SSH key pairs to identify which ones need to be regenerated.

5. Identifying Reasons for Regeneration:

   • Familiarize yourself with common scenarios that may necessitate the regeneration of SSH key pairs, such as compromised keys or expired certificates.

6. Generating a New SSH Key Pair:

   • Initiate the process of generating a new SSH key pair within WHM.

7. Selecting Key Type and Length:

   • Choose the type and length of the new key pair based on your security requirements.

8. Setting Key Expiry (Optional):

   • If necessary, configure the new key pair with an expiration date for enhanced security.

9. Adding Key Comment (Optional):

   • Optionally, include a descriptive comment to help identify the purpose or owner of the key pair.

10. Specifying a Passphrase (Optional):

    • Add an extra layer of security by setting a passphrase for the private key.

11. Downloading and Storing Private Key:

    • Download the private key file and securely store it in a location with restricted access.

12. Adding Public Key to Server:

    • Manually add the public key to the servers that require authentication using the new key pair.

13. Updating Authorized Keys File:

    • If necessary, update the ~/.ssh/authorized_keys file on the server with the new public key.

14. Handling Key Rotation and Expiration:

    • Implement a key rotation policy to regularly regenerate and replace SSH keys for enhanced security.

15. Educating Users on SSH Key Regeneration:

    • Provide guidelines to users on how to regenerate their own SSH key pairs using WHM.

16. Documenting SSH Key Regeneration Procedures:

    • Keep detailed records of SSH key regeneration steps taken, including settings, changes, and their impact.

17. Conducting Regular Audits of SSH Key Pairs:

    • Periodically review SSH key pairs to ensure they remain accurate and reliable for secure authentication.

18. Handling SSH Key Compromise:

    • If there is a suspected compromise of SSH keys, regenerate them immediately and update authorized keys files.

19. Implementing Multi-Factor Authentication (Optional):

    • Consider implementing multi-factor authentication (MFA) to enhance the security of SSH key-based logins.

20. Implementing Key Management Policies (Optional):

    • Establish policies for managing SSH keys, including rotation, expiration, and revocation procedures.

Conclusion:

Effectively regenerating SSH key pairs in WHM cPanel is crucial for maintaining robust server security. By following the steps outlined in this knowledge base, you can efficiently initiate and complete the regeneration process, ensuring that your servers remain protected against unauthorized access. This contributes to an overall more secure and reliable server environment.