SSH key authentication is more secure than password-based login and is the recommended way to access your servers. This guide explains how to generate a key pair and upload the public key to LightYear.
Generate an SSH Key Pair
macOS and Linux
Open a terminal and run:
$ssh-keygen -t ed25519 -C "[email protected]"You will be prompted to choose a file location (press Enter to accept the default ~/.ssh/id_ed25519) and an optional passphrase.
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/user/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_ed25519
Your public key has been saved in /home/user/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:abc123xyz... [email protected][!TIP] Use a passphrase for additional security. You can use
ssh-agentto avoid re-entering it on every connection.
Windows (PowerShell)
$ssh-keygen -t ed25519 -C "[email protected]"The key pair is saved to C:\Users\YourName\.ssh\id_ed25519 and id_ed25519.pub.
View Your Public Key
$cat ~/.ssh/id_ed25519.pubssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... [email protected]Copy the entire output — this is your public key.
Upload the Public Key to LightYear
- Log in to the LightYear control panel.
- Navigate to Account → SSH Keys.
- Click Add SSH Key.
- Paste your public key into the text field.
- Enter a descriptive label (e.g.,
MacBook Pro 2024). - Click Save.
The key is now available to select when deploying new servers.
Add a Key to an Existing Server
If you need to add a key to a server that is already running:
$ssh-copy-id -i ~/.ssh/id_ed25519.pub root@YOUR_SERVER_IPOr manually append the public key:
$echo "YOUR_PUBLIC_KEY" >> ~/.ssh/authorized_keys$chmod 600 ~/.ssh/authorized_keys[!IMPORTANT] Always test the new key in a second terminal session before closing your existing session. This prevents being locked out if the key was not added correctly.