HostUpCloudHostUpCloudDocs
Cloud Compute

SSH Keys

Upload and manage SSH keys for secure, passwordless access to your instances.

SSH Keys

SSH keys provide secure, passwordless authentication to your cloud instances. Instead of typing a password every time you connect, your SSH key pair handles authentication automatically — it is both more secure and more convenient.

Why Use SSH Keys

FeaturePassword AuthSSH Key Auth
SecurityVulnerable to brute-force attacksVirtually impossible to brute-force
ConvenienceType password every timeAutomatic authentication
AutomationHard to use in scriptsWorks seamlessly in scripts and CI/CD
Multi-userShared passwords are riskyEach user has their own key

Password authentication is disabled by default on most instance images. SSH keys are the recommended and default method for instance access.

Supported Formats

FormatAlgorithmRecommended
ssh-ed25519Ed25519Yes — fastest, most secure
ssh-rsaRSA (2048+ bit)Yes — widest compatibility
ecdsa-sha2-nistp256ECDSA (P-256)Supported
ecdsa-sha2-nistp384ECDSA (P-384)Supported
ecdsa-sha2-nistp521ECDSA (P-521)Supported

We recommend ed25519 keys for new setups. They are shorter, faster, and considered more secure than RSA. Use RSA if you need compatibility with older systems.

Generating an SSH Key

If you do not already have an SSH key, generate one on your local machine.

ssh-keygen -t ed25519 -C "your-email@example.com"

RSA (Compatibility)

ssh-keygen -t rsa -b 4096 -C "your-email@example.com"

When prompted:

  1. File location — Press Enter to accept the default (~/.ssh/id_ed25519 or ~/.ssh/id_rsa)
  2. Passphrase — Enter a passphrase for additional security (recommended) or press Enter for no passphrase

This creates two files:

FilePurpose
~/.ssh/id_ed25519Private key — never share this
~/.ssh/id_ed25519.pubPublic key — upload this to HUC

Viewing Your Public Key

cat ~/.ssh/id_ed25519.pub

Output looks like:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... your-email@example.com

Never share your private key. Only the .pub (public key) file should be uploaded to HUC or shared with anyone.

Uploading a Key to HUC

  1. Navigate to your cloud dashboard → SSH Keys
  2. Click Add SSH Key
  3. Paste the contents of your public key file (~/.ssh/id_ed25519.pub)
  4. Give the key a recognizable name (e.g., work-laptop, ci-deploy)
  5. Click Save

Your key is now available for selection when creating new instances.

Selecting Keys During Instance Creation

When creating a new cloud instance:

  1. In the Authentication section, select one or more SSH keys from your uploaded keys
  2. The selected keys are injected into the instance's ~/.ssh/authorized_keys file on first boot
  3. You can select multiple keys to grant access to several users or machines

You can select multiple SSH keys during instance creation. All selected keys will be added to the root user's authorized_keys file, allowing multiple people or machines to access the instance.

Connecting to Your Instance

Once your instance is running with your SSH key configured:

# Connect as root (default)
ssh root@your-instance-ip

# Connect with a specific key file
ssh -i ~/.ssh/id_ed25519 root@your-instance-ip

If you set a passphrase on your key, you will be prompted to enter it. Use ssh-agent to avoid entering it repeatedly:

# Start the SSH agent
eval "$(ssh-agent -s)"

# Add your key to the agent
ssh-add ~/.ssh/id_ed25519

Managing SSH Keys

Viewing Your Keys

Navigate to the cloud dashboard → SSH Keys to see all uploaded keys with their:

  • Name
  • Fingerprint
  • Date added

Deleting a Key

  1. Navigate to SSH Keys
  2. Click Delete on the key you want to remove
  3. Confirm the deletion

Deleting an SSH key from the dashboard does not remove it from existing instances. It only prevents the key from being selected for future instance creation. To revoke access on an existing instance, remove the key from ~/.ssh/authorized_keys manually.

Adding Keys to Existing Instances

If you need to add an SSH key to an instance that is already running:

# From a machine that already has access
ssh root@your-instance-ip

# Add the new public key
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... user@machine" >> ~/.ssh/authorized_keys

Or copy it directly from your local machine:

ssh-copy-id -i ~/.ssh/id_ed25519.pub root@your-instance-ip

Best Practices

  1. Use Ed25519 keys — Shorter, faster, and more secure than RSA.
  2. Set a passphrase — Protects your private key if your machine is compromised.
  3. Use ssh-agent — Avoid typing your passphrase repeatedly.
  4. One key per machine — Generate a unique key for each device. If a device is lost, revoke only that key.
  5. Name keys descriptively — Use names like work-macbook, ci-server, or home-desktop so you can identify them later.
  6. Audit regularly — Review your uploaded keys and remove any that are no longer in use.
  7. Never share private keys — If multiple people need access, each person should upload their own public key.

Troubleshooting

Permission Denied (publickey)

ssh -v root@your-instance-ip

Common causes:

  • Wrong key — Ensure the correct public key was selected during instance creation
  • File permissions — Private key must be readable only by you: chmod 600 ~/.ssh/id_ed25519
  • SSH agent — If using an agent, verify the key is loaded: ssh-add -l

Fix Permissions

chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_ed25519
chmod 644 ~/.ssh/id_ed25519.pub

Next Steps

Images & Templates

Choose from 18+ operating systems with version selection and LTS/EOL tracking.

Console Access

Access your instance via web-based VNC or serial terminal console.

On this page

SSH KeysWhy Use SSH KeysSupported FormatsGenerating an SSH KeyEd25519 (Recommended)RSA (Compatibility)Viewing Your Public KeyUploading a Key to HUCSelecting Keys During Instance CreationConnecting to Your InstanceManaging SSH KeysViewing Your KeysDeleting a KeyAdding Keys to Existing InstancesBest PracticesTroubleshootingPermission Denied (publickey)Fix PermissionsNext Steps