Can’t import keys for cPanel users?

Internet

Icon from the Tango Desktop project Icon from the Tango Desktop project

So you have a webhost that accepts SFTP connections but not nessisarily SSH (it does happen). You've got used to using cPanel to add new keys for your various systems, but the latest builds of cPanel complain that the "filename is invalid" whenever you attempt to import a new key. Here's one potential workaround I figured out this evening if you already have another machine authorised.

The typical scenario

There are several different ways to do this on Mac OS X, Linux and other *nixes, but typically when I'm setting up a webhost for a friend/client I go through roughly this process.

  1. Fire up a Terminal and create a new public/private keypair. Accept the default location for the key file, and enter a password when requested.

    % ssh-keygen -b 1024 -t dsa
  2. Navigate to your home folder's ~/.ssh folder and display your new public key.

    % cd ~/.ssh
% cat id_dsa.pub

  3. Copy the resulting key in all its pseudorandom glory to the clipboard.

  4. Log into your webhost's cPanel install. Under the Security heading, choose SSH/Shell Access then push the Manage SSH Keys button.

  5. Click Import Key. Choose a name for your key, paste your new public key into the second of the two large text boxes, and click Import.

  6. Under the Public Keys heading, click the Manage Authoriszation link that corresponds to your new key, then click the Authorize button.

Done! You can now more securely access your webhost's SFTP server from that machine.

The problem

Okay so here's where we had some trouble this afternoon. After we'd gone through this process, cPanel choked after step 5 and refused to accept the new key, citing Invalid Filename as an error. Even if we left the key name as the default is_dsa, it would still return the same error.

Fortunately, there's a way to bypass step 5 by uploading our new key manually.

  1. Create the new key as before.

    % ssh-keygen -b 1024 -t dsa
  2. Navigate to your home folder's ~/.ssh folder and duplicate the new public key file with the name you would have elected to give it in step 5.

    % cd ~/.ssh
% cp id_dsa.pub your_custom_name.pub
  3. Fire up an SFTP session and upload your new public key file into your remote ~/.ssh folder.

    % sftp -oPort=[PORT] username@host
    
sftp> cd ~/.ssh
    
sftp> put your_custom_name.pub
  4. Now when you go into cPanel, you'll see your new key listed and can authorise it!

According to a cursory Google search, this is a known problem in recent builds of cPanel. Not sure when this will be fixed.

Author bio and support

Me!

Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.