Manage SSH Keys

How to Set Up SFTP with cPanel


Security is always something you want to get a headstart on: the harder your site is to crack, the less likely people are to waste their time trying, when there’s thousands of other websites they can prey on.

One tactic I use on my sites is to connect to my server using SFTP, which is a much more secure method than FTP or FTPS, as it employs SSH: a key-driven encryption method, and all of your data is transmitted securely (FTP is actually pretty insecure, and you should avoid it if at all possible).

I even go so far as to close port 21 (FTP port) on my servers so that FTP isn’t even an option.

Anyway, know that you know why you should use SFTP, here’s how to actually do it:

Get your SSH keys

First of all, you need to create an SSH key pair. Log into cPanel and head for the SSH/Shell Access section. Then click on the Manage SSH Keys button. Unless you’ve done this before, there should be no keys on your server. So you can go ahead and click on Generate a New Key.

The key name can be anything you wish – it’s just for reference really. Then, enter a strong and random password (after all, why bother connecting with SFTP if you’re going to use a password like abc123) and write it down if you can’t remember it. As for the Key Type, I prefer RSA, and I make my Key Size 4096 (most secure).

Then click on Generate Key and cPanel will take a few seconds to generate your key pair. When you go back to the Manage SSH Keys section, you should see your key pair (one public and one private).

Manage SSH Keys

The next thing you want to do is authorize the keys for use: just because they exist, doesn’t automatically mean they can be used. So click on Manage Authorization and click on the Authorize button.

Lastly, you want to download your private key, in a special format, called ppk format. So, click on View/Download on the private key and enter your key password from when you created the pair, and convert the key into ppk format. The next page will then offer you the ability to download the .ppk file.

Using the key to connect using SFTP

Now, using an SFTP-enabled client, like WinSCP (Windows), FileZilla (Windows/Mac), or Transmit (Mac), create a new connection. Enter your server address and your cPanel username. You can leave the password field blank. Make sure that the connection type is SFTP, and you should be prompted for a key. This is the .ppk file you downloaded earlier. Load that up and click on connect.

You’ll have to enter the password for your key (not cPanel, unless you set them to be the same), and you should now see your files come up, as if you had connected by FTP, except that you’re now much more secure.

Categories: Security | Permalink

What next?

Hire me

If you couldn't quite manage this yourself, find it too intimidating, or just don't have the time to do it, you can always hire Dave to do it. Please get in touch so that we can discuss your needs.

Leave a comment

If you have a question, update, or comment about the tutorial, please leave a comment. I try and respond to every comment, though it may take a few days, so please check back soon.

Let a WordPress Expert help you

Do you want to try this, but feel like you need a helping hand, in case something goes wrong? My service, The WP Butler, gives you access to WordPress expertise whenever you need it. Better yet, I'll keep your site backed up, updated and secure, so that you don't have to worry about it. It's all part of the service. Use coupon DIWW and save 15% on all plans.

Visit The WP Butler


Dave has been tinkering with WordPress for many years, and he now shares his WordPress knowledge here on Do It WIth WordPress to help others realise its impressive power. He can also be hired to help with your WordPress needs. Dave, who is British, is married to his best friend, Marti, with whom he has a beautiful daughter, Ellie. When he's not dabbling with WordPress, he's probably eating Triscuits or hummus, watching an indie film or British TV show, spending time with friends or family, or exploring the world.


  1. Hi,
    Thanks for this post. I’m having some issues connecting using Transmit. Where do I put the .ppk file?

    • In Transmit, when you set the connection type as SFTP, at the end of the password field, you’ll see a key button. That’s where you select the key. However, it’s not the ppk key you need. It’s the private key that you need.

Leave a Reply