BlitzLearnAI
1 / 9
Courses Deploy OpenClaw on a VPS Day 4
Day 4 of 14 · VPS + OpenClaw

SSH Keys & Secure Login

⏱ 7 min 📊 Beginner

Your server is running. Now you need a way to control it. Since your VPS has no screen or keyboard, you connect to it over the internet using SSH (Secure Shell). Think of SSH as an encrypted tunnel between your computer and your server — everything you type travels through that tunnel safely, invisible to anyone listening.

Diagram showing an encrypted SSH tunnel between a laptop and a VPS
SSH creates a secure, encrypted connection between your computer and your server.

Your First Login with a Password

If you set a root password when creating your VPS, you can log in right now. Open a terminal on your computer (Terminal on Mac/Linux, PowerShell on Windows) and type:

`ssh root@YOUR_IP_ADDRESS`

Replace `YOUR_IP_ADDRESS` with the IP from yesterday. Type `yes` when asked about the fingerprint, then enter your password. You are now controlling your server. Everything you type runs on the server, not on your laptop.

To disconnect, type `exit` and press Enter.

Upgrading to SSH Keys (Much Safer)

Passwords can be guessed. SSH keys cannot. A key pair consists of two files:

- Private key — stays on your computer. Never share it.

- Public key — gets copied to your server. It is safe to share.

When you connect, your computer proves it has the private key without ever sending it. Here is how to set it up:

1. Generate a key pair on your own computer: `ssh-keygen -t ed25519 -C "your@email.com"`. Press Enter to accept the default file location, then set a passphrase (or leave it empty).

2. Copy the public key to your server: `ssh-copy-id root@YOUR_IP_ADDRESS`. Enter your password one last time.

3. Test it — run `ssh root@YOUR_IP_ADDRESS` again. This time it should log you in without asking for a password.

From now on, only someone with your private key file can access your server. Tomorrow we will also disable password login entirely for maximum security.

Knowledge Check
What does SSH stand for?
A
Secure Shell
B
Simple Hosting Service
C
System Host Socket
D
Server Hosting Shell
SSH stands for Secure Shell. It provides an encrypted connection between your computer and a remote server.
Knowledge Check
Which part of an SSH key pair should NEVER be shared?
A
The public key
B
Both keys
C
The private key
D
Neither key — both are meant to be shared
The private key must stay on your own computer and never be shared. The public key is designed to be placed on servers you want to access.
Knowledge Check
What command copies your public SSH key to your server?
A
ssh root@IP
B
scp key root@IP
C
ssh-keygen
D
ssh-copy-id root@IP
The ssh-copy-id command is a convenient utility that copies your public key to the remote server's authorized_keys file, enabling passwordless login.
🦞
OpenClaw 🦞
online
I typed the ssh command and it says "connection refused." What's wrong?
Don't panic — this usually means one of two things: 1. **Wrong IP address** — double-check the IP your provider gave you. 2. **Server not ready yet** — some providers take a minute or two after creation. Wait 60 seconds and try again. If it still fails, check your provider's dashboard to make sure the server status shows "Running" or "Active." You can also try `ping YOUR_IP_ADDRESS` to see if the server is reachable at all. 🦞
↻ Replay conversation
🖥️
Day 4 Complete
"SSH keys are like a digital lock and key — the public key is the lock on your server, and only your private key can open it."
Tomorrow — Day 5
Linux Survival Guide
Learn the essential Linux commands you need to navigate your server and manage files.
🔥1
1 day streak!
Continue to Day 5 →