IP, Root, Password, SSH
This guide explains the four credentials you receive after creating a VPS and how to use them safely.
What each item means
IP address: Network address used to reach the server.root: Superuser account with full system control.root password: Initial login secret, usually temporary.SSH: Secure remote shell protocol for server access.
First login workflow
- Identify your VPS public IP.
- Connect with the initial root password.
- Create your own admin user.
- Add SSH key authentication.
- Disable password login (or disable root password login).
Core commands
Check server IPs
ip a
Check default route
ip route
First SSH login with root password
ssh root@YOUR_SERVER_IP
Generate SSH key on your local machine
ssh-keygen -t ed25519 -C "admin@yourdomain.com"
Upload public key to server
ssh-copy-id root@YOUR_SERVER_IP
Test key-based login
ssh root@YOUR_SERVER_IP
Recommended secure baseline
After first access, apply these controls:
- Change default/root password immediately.
- Create a non-root sudo user.
- Enable SSH key authentication.
- Disable password authentication in SSH.
- Optionally disable direct root login.
- Restrict SSH with firewall rules.
Minimal SSH hardening steps
Edit SSH daemon config:
sudo nano /etc/ssh/sshd_config
Set these values:
PasswordAuthentication no
PermitRootLogin prohibit-password
PubkeyAuthentication yes
Reload SSH safely:
sudo sshd -t && sudo systemctl reload ssh
Keep your current SSH session open while testing a new one.
Common mistakes
- Losing the private key and having no fallback access.
- Disabling password login before key login is verified.
- Closing all active SSH sessions before validation.
- Reusing one shared root credential across multiple admins.
Quick checklist
- VPS IP confirmed
- SSH access works
- Admin sudo user created
- SSH key login verified
- Password login disabled
- Root access policy defined