This guide explains how to access your KVM server using SSH (for Linux-based systems) and how to use the control-panel web console when SSH is unavailable. It also includes RDP notes for Windows VPS and a troubleshooting checklist.
Prerequisites
| Server IP / Hostname | YOUR.SERVER.IP or vps.example.com |
| Username | root (Linux) or Administrator (Windows). Some Linux images use ubuntu, debian, centos, etc. |
| Authentication | Password or SSH key pair (recommended) |
| Port | Default SSH 22/tcp (unless you set a custom port). RDP for Windows: 3389/tcp. |
Option A — SSH from macOS / Linux
- Open Terminal.
- Connect with your user (replace values):
ssh [email protected] - On first connect, confirm the host key fingerprint with yes.
- Enter your password (if using password auth) or unlock your private key if prompted.
Using a custom SSH port:
ssh -p 2222 [email protected]Connecting over IPv6: enclose the address in brackets.
ssh root@[2001:db8:1234::10]Option B — SSH from Windows
1) Windows Terminal / PowerShell (built-in OpenSSH)
- Open Windows Terminal or PowerShell.
- Run:
ssh [email protected] - Accept the host key, then enter your password or key passphrase.
2) PuTTY (if you prefer a GUI)
- Open PuTTY, enter Host Name:
YOUR.SERVER.IPand Port:22, Connection type:SSH. - (Optional) Set auto-login username at Connection > Data → root.
- (If using a key) Convert/import your private key in PuTTYgen and add it under Connection > SSH > Auth → Private key file.
- Click Open, accept the host key, and authenticate.
Using SSH Keys (recommended)
Generate a key pair
- macOS/Linux:
ssh-keygen -t ed25519 -C "[email protected]" - Windows (PowerShell):
ssh-keygen -t ed25519
This creates a private key (keep secret) and a public key (shareable) in ~/.ssh/. Upload the .pub key in the server creation page or paste it to ~/.ssh/authorized_keys inside the server.
Install your public key on the server
- Automatic (from another Linux/macOS host):
ssh-copy-id -i ~/.ssh/id_ed25519.pub [email protected] - Manual:
mkdir -p ~/.ssh chmod 700 ~/.ssh echo "PASTE_YOUR_PUBLIC_KEY_HERE" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
After confirming key login works, you can disable password login for higher security (see “Harden SSH” below).
Accessing the Control-Panel Web Console
If SSH is blocked or you misconfigured the firewall/SSH, use the provider’s web console (VNC/Serial) from your service dashboard:
- Open your client area and select the KVM VPS.
- Use actions like Start, Shutdown, Reboot, Console, Reinstall, Reset root/Administrator password.
- Click Console to get an in-browser screen/keyboard for emergency access (works even if SSH is down).
From the console you can fix firewall rules, repair sshd, or revert network changes.
Windows VPS — RDP Login (if your OS is Windows)
- From Windows: Press Win + R, type
mstsc, click Connect, enterYOUR.SERVER.IP, user Administrator, then your password. - From macOS: Install “Microsoft Remote Desktop” from the App Store, add a PC with
YOUR.SERVER.IP, connect as Administrator. - Ensure the Windows firewall allows RDP (Inbound rule for
3389/tcp). The control panel console can help if you need to enable it locally.
Post-Login: Basic Hardening
- Create a non-root sudo user
adduser adminuser usermod -aG sudo adminuser - Harden SSH (edit
/etc/ssh/sshd_config):PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes # Optional: move SSH to a non-default port # Port 2222Then reload the service:
sudo systemctl reload sshd(Debian/Ubuntu) orsudo systemctl reload sshd(RHEL/Alma/Rocky). - Enable a firewall:
- UFW (Debian/Ubuntu):
sudo ufw allow 22/tcp sudo ufw enable sudo ufw status - firewalld (RHEL/Alma/Rocky):
sudo firewall-cmd --add-service=ssh --permanent sudo firewall-cmd --reload
- UFW (Debian/Ubuntu):
- Install Fail2ban (optional) to limit brute-force attempts.
- Keep packages updated:
apt update && apt upgrade -yordnf update -y.
Change SSH Port (optional)
- Edit
/etc/ssh/sshd_configand set e.g.Port 2222. - Allow the new port in your firewall:
- UFW:
sudo ufw allow 2222/tcp - firewalld:
sudo firewall-cmd --add-port=2222/tcp --permanent && sudo firewall-cmd --reload
- UFW:
- Reload SSH:
sudo systemctl reload sshd - Next login:
ssh -p 2222 [email protected]
Troubleshooting
- Timeout / No route — Server is off, wrong IP, network block, or firewall drop.
- Check power state in the control panel; use Console if needed.
- From your computer:
# Linux/macOS ping -c 3 YOUR.SERVER.IP nc -vz YOUR.SERVER.IP 22 # Windows PowerShell Test-NetConnection YOUR.SERVER.IP -Port 22
- Connection refused — Host reachable but SSH not listening.
- Start SSH via console:
sudo systemctl enable --now ssh # Debian/Ubuntu sudo systemctl enable --now sshd # RHEL/Alma/Rocky - Confirm port with:
sudo ss -tulpn | grep ssh
- Start SSH via console:
- Permission denied (publickey) — Key missing or wrong user.
- Ensure your public key is in
~/.ssh/authorized_keys. - Fix permissions:
chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys - Try the correct default user (e.g.,
ubuntuon Ubuntu cloud images).
- Ensure your public key is in
- Host key verification failed — The server was reinstalled or IP reassigned.
- Remove the old key on your device:
ssh-keygen -R YOUR.SERVER.IP - Reconnect and accept the new fingerprint.
- Remove the old key on your device:
- Port blocked by ISP or network — Try a different port (e.g., 443) and allow it in the firewall.
- Login very slow — DNS reverse/lookup delays; set
UseDNS noinsshd_configand ensure/etc/hostshas your hostname.
Where to find your credentials and console
In your hosting dashboard, open the service details page for your KVM VPS to view the IP addresses (IPv4/IPv6), current SSH/RDP credentials, ISO/reinstall options, reverse DNS, and the Console button for emergency access.
Tip: After confirming that key-based SSH works on a non-root user, disable password logins and root SSH access for maximum security. Always keep a working console path in case you lock yourself out.