Cherry Servers
Log In Sign up

Improved SSH Security for Bare Metal Server Deployments

Improved SSH Security for Bare Metal Server Deployments
Mantas Levinas
#News
Published on Mar 8, 2026 Updated on Mar 9, 2026

We’ve introduced a small but important security improvement to how SSH access is configured when deploying or rebuilding dedicated bare metal servers.

Starting today, if you choose SSH key authentication during server installation, a root password will no longer be created or displayed in the client portal. In this case, access to the server will be possible only through the selected SSH key.

This change helps reduce the risk of brute-force attacks targeting the root user and aligns with common security practices used by many modern Linux distributions.

#What changed

When deploying or reinstalling a server:

If an SSH key is selected during installation:

  • No root password will be generated
  • No root password will appear in the client portal
  • Server access will be available only through the SSH key

If no SSH key is selected:

  • A root password will be generated
  • The password will be visible in the client portal
  • Access will work as before using password authentication

#Why this change matters

Password-based root access is one of the most common targets for automated brute-force attacks. By removing the root password when SSH keys are used, the server starts in a more secure state from the moment it is deployed. Many operating systems already follow this approach by default, and we are aligning our deployment process with these security best practices.

#Full control after deployment

Once connected to the server using your SSH key, you can still configure the system exactly as needed. For example, you can:

  • Set a root password
  • Modify SSH authentication settings
  • Adjust server security policies
  • Configure users and access methods

This change simply ensures that the initial server handover starts with a more secure configuration.

#No changes for password-based setups

If you prefer to use password authentication, you can still do so by deploying the server without selecting an SSH key. In that case, the root password will be generated and displayed in the portal as before.

This update helps ensure that servers delivered to customers start with stronger default security while keeping full flexibility for customization.

If you have any questions about SSH access or server configuration, our support engineers are available 24/7.

Need help? We're here 24/7

Connect with our support team in just 15 seconds on average via live chat, ticket, phone, email, Telegram, or Discord.

Buy a Dedicated Server with Crypto

We accept Bitcoin and other popular cryptocurrencies.

Configure Server
Share this article

Related Articles
#News
Published on Mar 2, 2026 Updated on Mar 2, 2026

iPXE Now Available for Cherry Servers Dedicated Bare Metal

Cherry Servers now supports iPXE installation for dedicated bare metal servers, giving advanced users full control over operating system deployment.

Read More
#News
Published on Feb 16, 2026 Updated on Feb 18, 2026

Supporting NEAR Validators Through Partnership With Meta Pool

We’re working together with Meta Pool to support the next Node Studio validator cohort on NEAR, making it easier for new validators to get started with reliable infrastructure.

Read More
#News
Published on Feb 16, 2026 Updated on Feb 18, 2026

Cherry Servers Launches Local Ubuntu and Debian Mirrors

As of today, Cherry Servers rolling out dedicated local Ubuntu and Debian mirror servers across all our locations to deliver faster package updates and security patches.

Read More
No results found for ""
Recent Searches
Navigate
Go
ESC
Exit
We use cookies to ensure seamless user experience for our website. Required cookies - technical, functional and analytical - are set automatically. Please accept the use of targeted cookies to ensure the best marketing experience for your user journey. You may revoke your consent at any time through our Cookie Policy.
build: 1e2de15c4.1695