This description is for Windows users wanting to access a secure shell at bluehost.com.
Bluehost has requirements that you provide a government issued picture id, which matches your cPanel Contact/Billing info. So to streamline the process, make sure you go to cPanel, Preferences section, Update Contact/Billing Info, and make the name there match the information on your id.
Proceed to cPanel, Security, SSH/Shell Access, and submit a request. Note that while you can and should browse to the file containing your picture id, this isn't sufficient... as you proceed with the ticket request, you will come to a page where you can attach files to the ticket... be sure to attach the picture id file at that point also.
Bluehost support is pretty responsive to their tickets, and you will likely get a quick response. Meantime, you can do some of these other steps.
You can ignore the key generation and manipulation options found on the same page: I couldn't get them to work, and there is no need for Bluehost to ever see your private key anyway. Generate your private key on your computer, using your software.
Go to the PuTTY Download Page and download the full installer, and install the software.
Run the PuTTYgen program from Start / Programs / PuTTY / PuTTYgen. Choose your parameters. The defaults are probably fine. You can change the number of bits if you like, I only tried the SSH-2 RSA type key, the others may also work with bluehost, feel free to experiment. Click Generate as shown below.
Move the mouse around in the blank area until the progress bar reaches 100% and other activity starts to happen.
You get something like this:
Adjust the key comment to be meaningful, probably include your domain and/or bluehost. Leaving the date part intact might be helpful to remind you when you generated the key (date is in the format YYYYMMDD). You must also provide a key passphrase at this point, the same in two boxes. Pick a long phrase, but one that you can type quickly.
Save the public key.
Make a special directory for holding keys, somewhere secure. Perhaps a thumb drive would be appropriate. Choose a name that reflects the usage of the key. Don't lose these files. There may be reasons to share the public key with other entities than bluehost.
Save the private key in the same location. You should never share the private key with anyone, nor is it necessary to upload it to bluehost.
Click in the key fingerprint area, and then type Shift-TAB. That should select the whole field above, called "Public key for pasting into OpenSSH authorized_keys file:"
Type Ctrl-C to copy the key, open a good text editor that doesn't wrap long lines, and paste the key into a file called "authorized_keys" in the same directory as the other keys were saved. Upload this file into your bluehost server (using FTP or the cPanel file manager), to the .ssh directory in the root area of your domain hosting account (.ssh and public_html should be sibling directories).
Now you can exit PuTTYgen.
Start up PuTTY.
Choose the category Data.
Fill in the Auto-login username field.
Expand the SSH category under Connection.
Choose the category Auth.
Click the Browse button, and browse to the directory you have your keys in. Only the one file will show, the private key with the .ppk extension. Select that file, and click Open.
This should fill in the "Private key file for authentication:" box in the Auth section.
Scroll up the Category list...
Choose the category Session
Fill in the Host Name field with your domain name (no www. prefix)
Fill your domain name into the Saved Sessions box, and click Save.
Now you have a saved session of that name. Wait until bluehost responds positivily to the ticket you opened above. Click Open.
You will be prompted for your key passphrase. Type it in. Alternately, copy it from somewhere that you have it saved, and paste it in. (The way to paste the clipboard into a PuTTY session is just to right click in the PuTTY window.) You should now be logged in to bluehost at a shell prompt. Success! If not, review the above steps, and see which one(s) you missed.
You can copy (don't move it) the PuTTY shortcut from the start menu to somewhere else (or even there in the start menu), and modify the properties. The goal is to avoid selecting the session each time. In the properties window Target: box, add to the end of the text that is there, the text -load "mydomain", as shown:
You can avoid filling in the key passphrase every time you use PuTTY for a common session, by using Pageant. Run Pageant before PuTTY, select the key, and fill in the passphrase, and then leave it run all day, and it will automatically fill it in for all PuTTY sessions that use that key.
For SFTP, you can use the same certificate (the FileZilla FTP client is recommend by bluehost, and also by me, and it will convert the certificate to not have a passphrase). Although bluehost supports individual FTP accounts for various directories, SFTP can only be used with the main cPanel hosting account credentials, and opens at the root directory of the bluehost server, rather than the hosting account home directory. Do not include the domain name as part of the username when using SFTP.
This page is based loosely on this other page but has been made more specific to bluehost, has been reworded, and uses different screenshots. Maybe the other wording is better for you.