A Complete SSH Tutorial for Beginners

When you start managing websites or applications on a server, one of the first tools you’ll encounter is SSH, or Secure Shell. SSH is the backbone of secure server management, giving you encrypted access to your hosting environment without exposing sensitive data to attackers. 

For beginners, learning SSH can feel intimidating, but with the right steps, you’ll become confident in no time. We’ll walk you through what SSH is, how it works, and exactly how to use it on an InMotion Hosting account.

Before diving into commands and technical details, it’s important to build a solid understanding of what SSH really is. Beginners often overlook the foundational concepts, which can make later steps more confusing. Let’s start by answering the question: What exactly is SSH?

What Is SSH?

SSH, or Secure Shell, is a secure protocol used to connect to a remote server. Instead of logging in through a control panel or relying on unsecured methods like Telnet, SSH lets you execute commands directly in your server’s shell (command-line interface), while keeping all communication encrypted. This protects sensitive information like usernames, passwords, and file contents.

Why SSH Matters for Your Business

For many businesses, security and reliability are nonnegotiable. SSH ensures that sensitive data, from client information to website files, remains encrypted during transfer. This level of protection is crucial for compliance with privacy regulations and for maintaining customer trust, both of which directly impact your brand reputation and bottom line.

Efficiency is another major advantage of SSH for businesses. Marketing teams, agencies, and technical staff can manage multiple websites and applications more quickly through the command line than by relying solely on graphical interfaces. Whether you are updating plugins across dozens of WordPress sites or pulling analytics data for campaigns, SSH allows you to complete tasks faster and with fewer errors.

Finally, SSH scales with your growth. As your business expands, the need for automation, secure deployments, and streamlined workflows grows alongside it. Using SSH gives you the flexibility and power to handle these demands without sacrificing speed or stability. 

SSH with InMotion Hosting Plans

SSH is included with most plans on our hosting platform. It allows you to:

• Run server-level commands securely
• Manage files and directories without needing a graphical interface
• Use advanced tools like Git, Composer, and WP-CLI
• Automate tasks through scripts

This secure connection is essential for agencies, marketing teams, and founders alike because it balances flexibility with accountability. You can scale projects, manage multiple sites, and maintain high security standards, all from a simple terminal window.

Quick definition: A terminal window is a simple tool on your computer where you type commands instead of clicking with a mouse. When you use it with SSH (Secure Shell), it lets you connect safely to another computer or server over the internet. This way, you can control that server by typing instructions, like moving files, changing settings, or checking how things are running. Many people use a terminal with SSH to manage websites and keep servers working smoothly.

Now that you know what SSH is and why it matters, let’s learn how to access it. Logging in is the very first hands-on action you’ll take with SSH. Here are the different ways to log in depending on your operating system.

How to Log In to SSH

The first step in using SSH is logging in. Here’s how we recommend you do that.

SSH Login on Linux and macOS

Open your terminal.

Use the command: ssh username@servername.Replace username with your cPanel username and servername with your hosting server.

Enter your password when prompted.

SSH Login on Windows with PuTTY

Download and install PuTTY.

Enter your server’s hostname and port (usually port 22).

Click Open and log in with your credentials.

Pro tip: Always make sure you’re using the correct server name provided in your InMotion Hosting account. Logging in with the wrong server address will cause errors.

After learning how to log in, many beginners want to reduce the hassle of typing passwords every time. That’s where SSH keys come in. Let’s explore how to create them and why they’re a more secure option.

How to Generate SSH Keys

SSH keys are an alternative to password logins, offering stronger security and convenience. Instead of entering a password every time, you authenticate with a key pair (public and private).

Steps to Generate SSH Keys

Open your terminal.

Run the command: ssh-keygen -t rsa -b 4096 -C “[email protected]”.

Choose a file path or press Enter to save in the default location.

Enter a passphrase for added security.

Your public key will be stored in ~/.ssh/id_rsa.pub, and your private key in ~/.ssh/id_rsa.

After generating keys, upload the public key to your hosting account using cPanel or WebHost Manager (WHM). You can review this article to learn more about adding keys to cPanel. Once added, you can log in without typing a password every time.

Now that you have an SSH key pair, securing it with a passphrase is crucial. This ensures that even if your private key is stolen, attackers can’t use it. Let’s look at how to create strong passphrases. For more detailed information about generating SSH keys in Windows or Mac environments, please refer to this ‘How to Generate SSH Keys’ article.

How to Create a Strong Passphrase for SSH Keys

If you use SSH keys, you’ll be asked to create a passphrase. This adds a second layer of protection in case your private key is compromised.

Best Practices for SSH Passphrases

A strong passphrase should:

• be at least 12 characters long
• mix uppercase and lowercase letters, numbers, and special characters
• avoid dictionary words or predictable patterns

For example, instead of something like password123, create a passphrase such as Gr@phNeon!91Sky.

With a strong passphrase in place, you’re ready to connect to your server using SSH! This is where you’ll see how the pieces come together in a secure login process.

How to Connect With SSH

Once your SSH key is added to your hosting account, connecting is simple:

Open your terminal.

Run the command: ssh -i ~/.ssh/id_rsa username@servername.

If you set a passphrase, enter it when prompted.

You’ll now be logged in securely without needing your account password.

After you connect, the real power of SSH begins, working inside the server’s shell. This is where you’ll interact directly with your hosting environment.

Exploring Shell Access

After logging in, you have access to the shell (the command-line environment of your server).

Common Shell Commands for Beginners

• Navigate directories: cd and list files with ls.
• View file contents: cat or less.
• Edit files: nano or vim.
• Manage permissions: chmod and chown.
• Run scripts or install software.

Shell access is powerful. It gives you full control over your hosting environment, making it a must for agencies managing multiple client sites or developers deploying complex applications.

Once you get comfortable with commands, you’ll want to manage and customize your SSH keys further. This helps streamline your workflow and strengthen your security.

If you’re interested in learning more about commands in Linux, this linked collection of articles is a great place to start.

Managing SSH Keys

SSH keys aren’t just for logging in; they can be managed to improve efficiency and security.

Using Multiple SSH Keys

If you work with different servers, you may need multiple key pairs. You can organize them in your ~/.ssh/ directory and specify which key to use when connecting.

Simplifying Connections With SSH Config

Instead of typing the full command every time, create a configuration file. This can be done on Windows by creating a new file named ‘config’ in the C:Users<your username>.ssh directory in most cases. Then, copy the text below into that file, and replace placeholder information like ‘username’ with your credentials and server address.

Host inmotion

HostName servername.example.com

User username

IdentityFile C:Users<YourUsername>.sshid_rsa

Be sure to save those changes before testing your config file. You can test the config file by attempting to SSH into your server via the following command:

ssh inmotion

Rotating and Removing Keys

Regularly rotate SSH keys to maintain security. Remove old or unused keys from your server to minimize risk.

At this stage, you’ve learned how to log in, generate keys, and manage them effectively. The next step is making sure your SSH practices are secure. Let’s talk about best practices every beginner should adopt.

Security Best Practices for SSH

SSH is secure by design, but only if used properly. Applying additional security measures helps prevent common attack methods and ensures your server remains protected against unauthorized access.

Disable Root Login

Allowing direct root login can open up your server to serious risks, since root access provides unrestricted control. Instead, create a standard user account and use sudo command for administrative tasks when necessary. This way, even if an attacker guesses your login details, they won’t immediately have full system privileges. This process will require creating a new user with administrative privileges and editing the SSH configuration file located at /etc/ssh/sshd_config to set ‘PermitRootLogin’ to ‘no’, and then restarting the SSH service to apply those changes.

Restrict SSH Access

By default, SSH may be open to all incoming connections, which can attract brute-force attacks. Restricting SSH to specific IP addresses ensures only trusted machines can connect. You can configure these restrictions in your firewall settings, significantly reducing exposure to unauthorized login attempts.

Use Fail2Ban

Automated bots frequently try to brute-force their way into servers. Fail2Ban is a simple but effective tool that scans your server logs for failed login attempts and temporarily blocks offending IPs. By automatically banning suspicious activity, Fail2Ban adds an extra layer of security with minimal setup. You can learn more about Fail2Ban in this linked article.

Keep Your Keys Secure

SSH keys are only as safe as the environment they are stored in. Never share your private key, and avoid storing it in unsecured directories or devices. Always protect your private key with a strong passphrase, and back it up securely so you’re not locked out if your main system fails.

Even with strong security practices, problems can arise when connecting via SSH. Beginners often encounter common errors, so let’s review troubleshooting methods.

How To Troubleshoot SSH Connections

The truth is that even experienced users run into issues; these often include the following:

Connection Refused

• Cause: SSH service not running or wrong port
• Fix: Restart the SSH service or confirm the port number

Permission Denied (publickey)

• Cause: SSH key not recognized by the server
• Fix: Ensure your public key is uploaded correctly in cPanel

Host Key Verification Failed

• Cause: The server’s host key has changed
• Fix: Remove the old entry in ~/.ssh/known_hosts and reconnect

With the common troubleshooting tips in hand, it’s useful to understand how SSH compares to other access methods. After all, you want to understand where SSH fits in and why it’s often the better choice.

SSH can be accessed in several ways, each with pros and cons.

SSH Clients

• Built-in terminal (macOS/Linux): No extra software required, straightforward
• PuTTY (Windows): Popular, lightweight, but less modern compared to alternatives
• Termius (cross-platform): Offers sync and a polished interface, but requires a subscription for advanced features

Authentication Methods

• Password authentication: Easier for beginners but less secure
• SSH keys: More secure and scalable for managing multiple servers

File Transfer Methods

• SFTP (SSH File Transfer Protocol): Best for secure file uploads/downloads, but not for running commands

SSH vs FTP

FTP transfers files without encryption, while SSH (via SFTP) secures every transaction. For agencies and businesses handling sensitive client data, SSH is the safer and more professional choice.

SSH vs cPanel

cPanel is user-friendly and graphical, but limited compared to SSH. With SSH, you can automate tasks and perform advanced configurations that cPanel doesn’t support.

Even though SSH is powerful, beginners often make mistakes when learning. Understanding the most common pitfalls will help you avoid them.

Which Mistakes Are Common Among Beginners?

Mistaking Root Access for User Access

One of the most common mistakes is logging in as root when it isn’t necessary. Root access gives unrestricted control over the system, which means even a small error can cause major problems. Beginners should instead use a standard user account and only escalate privileges with sudo when absolutely required. This reduces risk and provides an extra layer of safety for your server.

Weak Passcodes

Using weak passcodes, such as short or predictable passwords, makes your SSH connection vulnerable. Hackers often use automated tools to guess simple credentials, which can compromise your entire server. A strong passphrase adds critical protection, especially if your private key is ever exposed. Always invest the time to create a secure passphrase that follows best practices.

Losing SSH Keys

If you misplace or delete your SSH private key without a backup, you may lock yourself out of your server. This situation can be especially frustrating if your hosting provider’s recovery options are limited. To avoid this, always back up your keys securely on multiple devices or use a password manager that supports key storage. Planning saves hours of downtime and prevents unnecessary stress.

Incorrect File Permissions

Many beginners change file permissions to 777 just to fix access issues quickly, but this creates a massive security vulnerability. With 777, anyone can read, write, and execute your files, opening the door to malicious uploads and modifications. Instead, learn proper permission levels, such as 644 for files and 755 for directories. Correct permissions strike a balance between functionality and security. For more information about file permissions, be sure to refer to the article linked here.

Summary

SSH may seem intimidating at first, but it quickly becomes one of the most powerful tools in your hosting toolkit. 

You should now know what SSH is, how to log in, how to create SSH keys and strong passcodes, and how to connect securely. You’ve seen how shell access opens the door to advanced file management and automation, and how InMotion Hosting supports you at every step. 

Whether you’re a marketer, agency, founder, or hosting partner, SSH empowers you to manage projects securely and efficiently.