How to manage SSH access in Kiravo

SSH gives you a command-line shell on the server hosting your website — useful for running WP-CLI, git pull/push operations on your repo, manual file operations beyond what the File Manager handles, and any scripting your workflow needs. To set it up, open your website’s Advanced dropdown, choose Developer tools, then either SSH key manager (for key-based auth, recommended) or SSH password authentication (for password-based auth).

Key-based authentication is the recommended approach — it’s both more secure and more convenient once set up.

Option 1: SSH key authentication (recommended)

With key-based SSH, you generate a key pair on your computer (public + private). You upload the public key to Kiravo, and keep the private key on your machine. To connect, your SSH client proves possession of the private key, which Kiravo verifies against the public key. No password needed.

Generate a key pair (if you don’t have one)

On macOS or Linux, open a terminal and run:

ssh-keygen -t ed25519 -C "your.email@example.com"

Press Enter to accept the default path (~/.ssh/id_ed25519). Optionally enter a passphrase (recommended — it encrypts the private key at rest, in case your laptop is stolen).

On Windows, do the same in Windows Terminal or Git Bash — both ship with ssh-keygen.

The command creates two files:

~/.ssh/id_ed25519 — your private key. Never share this. Never paste it anywhere except your own SSH config.
~/.ssh/id_ed25519.pub — your public key. This is what you upload to Kiravo.

Upload the public key to Kiravo

From your website’s dashboard, click Advanced in the top menu bar.
Choose Developer tools.
In the sidebar on the left, click SSH key manager.
Click Add.
Paste the contents of your ~/.ssh/id_ed25519.pub file (or upload the file directly).
Click Save.

The key is now installed on the server. You can repeat this with as many keys as you need — one per device, for example.

Connect

In your terminal:

ssh -p 22 username@server-ip

The exact username and server-ip are shown in the SSH password authentication section (see below) under “Login command” — same connection details, just authenticating with a key instead of a password.

If your private key is at a non-default location, add -i path/to/key:

ssh -p 22 -i ~/.ssh/your_key username@server-ip

You should land in a shell on the server.

Option 2: SSH password authentication

If for some reason a key isn’t an option, you can use password authentication. This is less secure but simpler to set up.

Set the password

From the website’s dashboard, click Advanced in the top menu bar.
Choose Developer tools.
In the sidebar on the left, click SSH password authentication.
The section shows:
- A ready-made Login command (e.g. ssh -p 22 username@server-ip) you can copy and paste into your terminal.
- A Password field with a Reset button.
Click Reset to set or regenerate the SSH password. The new password is shown once — copy it somewhere safe immediately.

Connect

Paste the Login command into your terminal, then enter the password when prompted.

What you can do once you’re in

Once you have a shell, you can use it for any of:

Running WP-CLI commands. Most Kiravo WordPress sites have WP-CLI available — try wp --info once connected.
Git operations. git clone, git pull, etc., against any remote repo your account has access to.
File operations. cp, mv, tar, grep, all the normal tools.
Cron jobs as one-offs. The panel has a dedicated cron jobs tool for scheduled tasks, but you can run a single command interactively over SSH too.
Database operations from the command line. mysql -u user -p database for direct SQL access if you prefer the CLI over phpMyAdmin.