SSH Access: How to Enable and Connect to Your Hosting

If you run a website on a cPanel hosting account at AEserver, you have access to a powerful tool that most hosting customers never use: SSH access. SSH lets you connect directly to your server through an encrypted command line, run scripts, manage files at scale, deploy code from Git, and do dozens of other things that would be slow or impossible through the cPanel web interface.

This guide walks you through everything you need: what SSH access is, which AEserver plans support it, how to generate SSH keys on Mac, Linux, and Windows, how to authorize them in cPanel, and how to connect for the first time. All commands are ready to copy-paste.

What Is SSH Access?

SSH (Secure Shell) is an encrypted network protocol that lets you log into a remote server over the internet and execute commands as if you were sitting at the server itself. Everything between your computer and the server is encrypted, so even on public Wi-Fi nobody can read your commands or passwords.

SSH access in a hosting context means your hosting provider gives you a username, a hostname, and a port that you can use to connect to the server with an SSH client. Once connected, you get a Linux command line where you can run shell commands, edit files, manage databases, and do anything else permitted by your hosting plan’s shell type.

The reference implementation of SSH used by virtually every Linux server (including AEserver’s) is OpenSSH, the open-source suite developed by the OpenBSD Project.

Why UAE Businesses Use SSH Access

SSH is not just a developer toy. Real use cases that matter for UAE businesses running on AEserver include:

1. Faster file management at scale. Moving 50,000 product images takes seconds with mv or rsync, compared to hours through cPanel File Manager.
2. Database operations. Export and import multi-gigabyte MySQL databases with mysqldump, way past the timeout limits of phpMyAdmin.
3. Git deployments. Pull updates from GitHub or Bitbucket directly to your server, perfect for development teams.
4. WordPress administration via WP-CLI. Update plugins, run database searches, fix corrupted sites, all from the command line.
5. Automated backups. Schedule cron jobs that compress and download backups to a local or cloud location.
6. Troubleshooting at the server level. Read error logs, check disk usage, kill stuck processes, see what is actually happening when something breaks.
7. Secure file transfer (SFTP). Upload large files reliably without the connection drops common in plain FTP.

If your business runs on a WooCommerce store, a custom PHP application, or any setup that needs more control than a simple WordPress blog, SSH is the bridge between hobbyist hosting and professional infrastructure.

SSH Access Across AEserver Plans

SSH is supported on every AEserver hosting product. The shell type and access level differ slightly between plan tiers.

Part 1: Find Your SSH Connection Details

Before you generate any keys, find the four pieces of information you need to connect. All of them are inside cPanel.

Log in to your AEserver cPanel account. From the home page, scroll to the Security section and click SSH Access. (If you are new to cPanel itself, our complete guide to cPanel hosting covers the layout in detail.)

Your cPanel username (visible in the top-right corner of cPanel) is also your SSH username. Your hostname is your domain name or the server hostname provided in your hosting welcome email. Note these down. You will also need the SSH port, which is shown on the SSH Access page or in your welcome email.

The four values you need to write down:

1. Username: your cPanel username (for example, aeuser01)
2. Hostname: your domain (for example, example.ae) or server hostname
3. Port: the SSH port shown in cPanel (for example, 22)
4. Password: your cPanel password (only needed if connecting without keys)

Part 2: Generate SSH Keys

SSH keys are a pair of files: a private key that stays on your computer and a public key you upload to the server. They replace passwords with cryptographic authentication, which is more secure and easier to automate.

You can generate keys two ways: directly inside cPanel, or on your local computer. Generating them locally is the safer and more flexible approach because the private key never leaves your machine. We will cover both, but we recommend generating locally.

📋 Method 1: Generate Keys on Your Computer (Recommended)

Pick the section below that matches your operating system.

🍎 Method 1A: Generate SSH Keys on macOS

Open the Terminal app from Applications > Utilities > Terminal, or press Command + Space and type Terminal.

Type the following command and press Enter:

ssh-keygen -t ed25519 -C "your_email@example.com"

The -t ed25519 flag selects the modern Ed25519 algorithm, which is faster and more secure than older RSA keys. Replace your_email@example.com with your real email address (this is just a label).

When asked where to save the key, press Enter to accept the default ~/.ssh/id_ed25519.

Enter file in which to save the key (/Users/yourname/.ssh/id_ed25519):

Enter a strong passphrase when prompted, and confirm it. The passphrase encrypts the private key on disk. You can press Enter twice for no passphrase, but a passphrase is strongly recommended.

Display the public key with this command:

cat ~/.ssh/id_ed25519.pub

The output starts with ssh-ed25519 and ends with your email comment. Select all of it and copy to clipboard. You will paste this into cPanel in Part 3.

🐧 Method 1B: Generate SSH Keys on Linux

The process on Linux is identical to macOS because both use OpenSSH. Open a terminal (Ctrl + Alt + T on most distributions) and follow the macOS steps above. The commands are the same:

ssh-keygen -t ed25519 -C "your_email@example.com"
cat ~/.ssh/id_ed25519.pub

🪟 Method 1C: Generate SSH Keys on Windows

Windows 10 (build 1809 and later) and Windows 11 ship with OpenSSH built in. According to Microsoft’s official OpenSSH documentation, you can use the same commands as macOS and Linux from PowerShell or Windows Terminal.

Press Windows + X and select Windows Terminal or PowerShell. On Windows 10, search for PowerShell in the Start menu.

Check that OpenSSH is installed:

ssh -V

You should see something like OpenSSH_for_Windows_8.6p1. If you get an error, install OpenSSH from Settings > Apps > Optional Features > Add a feature > OpenSSH Client.

ssh-keygen -t ed25519 -C "your_email@example.com"

Press Enter to accept the default save location, which on Windows is C:\Users\YourName\.ssh\id_ed25519. Set a passphrase when prompted.

Display the public key:

type $env:USERPROFILE\.ssh\id_ed25519.pub

Copy the entire output (starts with ssh-ed25519).

📋 Method 2: Generate Keys Inside cPanel

If you cannot generate keys locally for any reason, cPanel can do it for you. The downside: cPanel keeps a copy of the private key on the server temporarily, which is slightly less secure.

From cPanel, go to Security > SSH Access, then click Manage SSH Keys.

You will see two buttons: Generate a New Key and Import Key. Click Generate a New Key.

Set a key name (or leave the default id_rsa), enter a strong passphrase, choose key type RSA with size 4096 bits, then click Generate Key.

Go back to the Manage SSH Keys page. Under Private Keys, click View/Download next to your key. Download the file to a safe location on your computer (typically your ~/.ssh/ folder on Mac/Linux). Once downloaded, delete the private key from the server through the same interface.

Part 3: Authorize the Public Key in cPanel

Generating the key is half the work. To use it, you must authorize the public key in cPanel.

If you generated keys on your computer in Part 2 Method 1, you need to upload the public key to cPanel. Go to Security > SSH Access > Manage SSH Keys > Import Key. Paste the contents of your id_ed25519.pub file into the Public Key text box, leave the Private Key field blank, and click Import.

On the Manage SSH Keys page, find your key under Public Keys. In the Authorization Status column it should show not authorized. Click Manage, then click Authorize. The status changes to authorized.

Part 4: Connect to Your Server via SSH

You now have an authorized key. Time to connect.

🍎 Connecting from macOS or 🐧 Linux

Open Terminal and run:

ssh -p PORT username@yourdomain.com

Replace PORT with your actual SSH port, username with your cPanel username, and yourdomain.com with your domain or server hostname. For example:

ssh -p 22 aeuser01@example.ae

The first time you connect, you will see a fingerprint warning:

The authenticity of host 'example.ae' can't be established.
ED25519 key fingerprint is SHA256:...
Are you sure you want to continue connecting (yes/no)?

Type yes and press Enter. The fingerprint is saved to ~/.ssh/known_hosts so you will not see this prompt again. If your key has a passphrase, enter it when asked. You should see a Linux prompt like:

aeuser01@server.aeserver.com [~]$

You are now connected to your server.

🪟 Connecting from Windows (PowerShell / OpenSSH)

Open PowerShell or Windows Terminal and run the same command as on Mac/Linux:

ssh -p PORT username@yourdomain.com

Windows OpenSSH automatically reads keys from C:\Users\YourName\.ssh\, so if you generated id_ed25519 there it will be used.

🪟 Connecting from Windows (PuTTY)

Launch PuTTY. The configuration window appears.

In Host Name (or IP address), type your server hostname (for example, example.ae). In Port, enter your SSH port. Make sure SSH is selected as Connection type.

In the left panel, navigate to Connection > SSH > Auth > Credentials. Under Private key file for authentication, click Browse and select your .ppk private key file.

If you generated your private key in OpenSSH format (Mac/Linux/Windows OpenSSH), you must convert it to PuTTY’s PPK format using PuTTYgen: open PuTTYgen, click Load, select your private key, then Save private key as a .ppk file.

Click Open. Accept the security alert on first connection. Enter your username when prompted, then your key passphrase. You are connected.

Common SSH Commands for Hosting

Once connected, here are the most useful commands for managing a hosting account.

📋 File and Directory Operations

List files in current directory, including hidden files:

ls -lah

Change directory:

cd public_html

Show your current location:

pwd

Create a directory:

mkdir new-folder

Delete a file:

rm filename.txt

Delete a directory and all contents (use with caution):

rm -rf foldername

Copy a file:

cp source.txt destination.txt

Move or rename a file:

mv oldname.txt newname.txt

📋 Compression and Extraction

Compress a folder into a tar.gz archive:

tar -czvf backup.tar.gz public_html/

Extract a tar.gz archive:

tar -xzvf backup.tar.gz

Create a ZIP archive:

zip -r backup.zip public_html/

Extract a ZIP archive:

unzip backup.zip

📋 MySQL Database Operations

Export a database to a SQL file:

mysqldump -u DB_USER -p DB_NAME > backup.sql

Import a SQL file into a database:

mysql -u DB_USER -p DB_NAME < backup.sql

Replace DB_USER and DB_NAME with your actual database username and name. You will be prompted for the password.

📋 WordPress Management with WP-CLI

If WP-CLI is installed (default on AEserver Managed WordPress), navigate to your WordPress directory first:

cd public_html

List all installed plugins:

wp plugin list

Update all plugins:

wp plugin update --all

Update WordPress core:

wp core update

Search and replace in the database (useful when migrating domains):

wp search-replace 'oldsite.ae' 'newsite.ae' --dry-run

Remove the --dry-run flag to apply changes.

📋 System Information

Check disk usage of your account:

du -sh ~

Check available disk space:

df -h

See running processes:

top

Press q to exit top.

SSH Security Best Practices

SSH is secure by design but only as secure as your habits. WordPress security data from Patchstack’s State of WordPress Security 2026 whitepaper shows that compromised credentials and unmanaged keys remain a leading attack vector. Follow these practices to keep your SSH access safe.

1. Use SSH keys instead of passwords. Keys are immune to brute-force password attacks. A 4096-bit RSA or Ed25519 key is essentially uncrackable today.
2. Always set a passphrase on your private key. If your laptop is stolen, the passphrase is your last line of defense.
3. Never share your private key. The private key is your identity. Anyone with it can log in as you. Treat it like a credit card.
4. Use a separate key per device. If your phone is lost, you can revoke that key without affecting your laptop access.
5. Rotate keys periodically. Generate new keys once a year for active accounts and remove old ones from authorized_keys.
6. Disable password authentication on VPS and Dedicated. Once SSH keys work, edit /etc/ssh/sshd_config and set PasswordAuthentication no. This stops every brute-force attack instantly.
7. Use fail2ban on VPS and Dedicated. It bans IPs after repeated failed login attempts.
8. Connect only over trusted networks when possible. SSH is encrypted, but a compromised network can still see metadata. Use a VPN on public Wi-Fi.
9. Audit your authorized_keys file. Run cat ~/.ssh/authorized_keys occasionally and remove keys you no longer recognize.

SSH hardening is one piece of a larger picture. For the broader server-side and application-side checklist, see our guide on website security best practices.

Troubleshooting Common SSH Errors

Connection Refused

You see: ssh: connect to host example.ae port 22: Connection refused

Cause: wrong port number, or SSH not enabled. Verify the port in cPanel under SSH Access. If the port is correct, SSH may not be enabled on your account, contact AEserver support.

Permission Denied (publickey)

You see: Permission denied (publickey)

Cause: your public key is not authorized in cPanel, or you are using the wrong private key. Solutions:

1. Verify the public key shows authorized status in cPanel under Manage SSH Keys.
2. Check the private key file permissions on your computer: chmod 600 ~/.ssh/id_ed25519 on Mac/Linux.
3. Specify the key explicitly:

   ssh -i ~/.ssh/id_ed25519 -p PORT username@yourdomain.com

Connection Timed Out

You see: ssh: connect to host example.ae port 22: Connection timed out

Cause: firewall blocking the connection or wrong hostname. Check from another network or test with:

ping yourdomain.com

If ping works but SSH does not, your local firewall or ISP might be blocking the SSH port.

Host Key Verification Failed

You see: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

Cause: server SSH host key changed (server reinstalled or migrated). If you trust the change, remove the old fingerprint:

ssh-keygen -R yourdomain.com

Then connect again and accept the new fingerprint.

No Matching Host Key Type Found

You see: no matching host key type found. Their offer: ssh-rsa

Cause: newer OpenSSH (8.8+) deprecates older RSA signatures. Add this to ~/.ssh/config:

Host yourdomain.com
  HostKeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa

Frequently Asked Questions

Is SSH access free on AEserver?

Yes. SSH access is included on every AEserver hosting plan at no extra cost.

Do I need SSH for a basic WordPress site?

No. A basic blog or business site runs fine without SSH. You will benefit from SSH if you do regular plugin maintenance, large database operations, Git deployments, or run a high-traffic WooCommerce store.

What is the difference between SSH and SFTP?

SSH gives you a command-line shell on the server. SFTP (SSH File Transfer Protocol) uses the same SSH connection but only for file transfer, similar to FTP but encrypted. Both work on the same SSH port. SFTP clients include FileZilla, Cyberduck, and WinSCP.

Can I have multiple SSH keys for one account?

Yes. You can authorize as many public keys as you want in cPanel under Manage SSH Keys. Each authorized key can log in independently. This is how teams share access without sharing a single key.

What is the difference between jailed shell and root SSH?

Jailed shell (used on shared and WordPress hosting) restricts you to your own home directory and a limited set of commands. Root SSH (on VPS and Dedicated) gives you full administrative control over the entire server. Most websites only need jailed shell.

Should I use RSA or Ed25519 keys?

Ed25519 is the modern recommendation: faster, more secure, smaller files. Use RSA 4096-bit only if you connect to old systems that do not support Ed25519. Both are supported by AEserver.

What if I forget my SSH key passphrase?

You cannot recover the passphrase. Generate a new key pair and authorize the new public key in cPanel, then remove the old key from authorized keys.

Can I use SSH from my phone?

Yes. Termius (iOS and Android), JuiceSSH (Android), and Blink Shell (iOS) are popular SSH clients for mobile. Useful for emergency server access on the go.

Does SSH work over the AEserver UAE network?

Yes. SSH works on every standard internet connection in the UAE, including Etisalat, du, and most public Wi-Fi networks. The connection is encrypted end to end, so the network operator cannot see your commands or data.

How do I disable SSH access if I no longer need it?

Remove all authorized public keys from cPanel under Manage SSH Keys. To fully disable shell access on a shared cPanel account, contact AEserver support.

Summary

1. SSH access is included on every AEserver cPanel plan, including Linux Hosting, WordPress Hosting, Managed WordPress, Cloud VPS, and Dedicated Servers.
2. Generate keys locally with ssh-keygen -t ed25519 on Mac, Linux, or Windows. Generating locally is more secure than letting cPanel create them.
3. Authorize the public key in cPanel under Security > SSH Access > Manage SSH Keys before trying to connect.
4. Connect from terminal with ssh -p PORT username@yourdomain.com. The port is shown in your cPanel SSH Access page.
5. Use a passphrase on your private key, never share the private key, and rotate keys yearly for security.
6. SSH is your bridge between basic hosting and professional infrastructure, perfect for UAE businesses scaling beyond basic WordPress sites.

Conclusion

SSH access transforms your AEserver hosting from a simple website host into a flexible Linux platform. Once you have keys set up and tested a connection, you have a tool that saves hours of time on repetitive tasks and unlocks integrations like Git, WP-CLI, and automated backups.

If you hit a problem during setup, AEserver’s UAE-based support team is available 24/7 through chat or by ticket from the client portal. For VPS and Dedicated server users who want the highest level of control, root SSH is included by default, see the Cloud VPS and Dedicated Servers pages for full specs and pricing.

×