Adding ssh key to existing droplet in Digitalocean is bothering you? We are here to assist you .

Bobcares responds to all inquiries, large and small, as part of our DigitalOcean Managed Service.

Let’s have a look at how our Support team helped a customer add an ssh key to an existing Digital Ocean droplet.

Add SSH Key to Existing Digitalocean Droplet

Droplets are Linux-based virtual machines (VMs) that run on virtualized hardware in DigitalOcean. Each Droplet is a new server that we can use independently or as part of a larger cloud-based infrastructure.

We can’t add or change the SSH keys on our Droplet after we create it because of security concerns. However, we have several command-line options for adding and modifying them. We can upload keys if we already have SSH access to the Droplet:

• Using ssh-copy-id on our local computer
• By piping the contents of the key into the ~/.ssh/authorized_keys file from our local computer.
• By manually adding the public key to our Droplet via SSH.

Use the Recovery Console to reset the root user password if we can’t connect to our Droplet at all. We can either manually add our key from the console or temporarily enable password authentication to add the key via SSH once we’ve logged in.

Using ssh-copy-id on our local computer

If we have password-based access to our Droplet, we can use ssh-copy-id to copy our SSH key. Substitute our Droplet’s IP address.

ssh-copy-id username@ipaddress

This prompts us for the password for the remote user account. The contents of our ~/.ssh/id_rsa.pub key are appended to the end of the user account’s ~/.ssh/authorized_keys file after typing in the password.

Now use “ssh ‘username@ipaddress'” to log in to the machine and double-check that it adds only the keys we wanted. It copies our key after we enter the password, and we can log in without it.

Piping into ssh with Password-Based Access

We can pipe the contents of the key into the ssh command if we don’t have the ssh-copy-id utility but still have password-based SSH access to the remote server. Verify that the ~/.ssh directory exists on the remote side, and then append the piped contents to the ~/.ssh/authorized keys file. For our Droplet, substitute the IP address and username.

cat ~/.ssh/id_rsa.pub | \

ssh username@ipaddress "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

We are then asked to provide the remote account password. It copies our key after we enter the password, and we can log in without it.

Manually from the Droplet without Password-Based Access

We must manually add our public key to the remote server if we do not have password-based SSH access. Output the contents of our public key on our local machine.

cat ~/.ssh/id_rsa.pub

Copy the result.

ssh-rsa pnnN9LFdYH3-dFP$vPmftF2a8r+T9y$@KLN2gQxgvPsQ^^4Hh5?HrB5krnCSchj3Z4tf_hxS@rchGTLgjZ8mt6L5GvMq9G!w+nF$6ft6m3a83GUCYzmD!&^BZj28cxNN69@ebUpcR+!f+Z8J?VGTUmzb&CBchJT&GWPUW$5@-UbC+5=rWLKUavb!q-2acPEWrYRjBVz=?kGXvw9AN%Rqx+t3bqncU&k9AsS5CwA@T-x*-J??@Sp5r+-z_@f^4t2A?2Kxqu9e@p&8MbJ6k3ztPRDc=3&_wqc%$cX_j-mwBXBdTgWb-vRW_4haAfaWNHprY4rQRD-3gjbkvsJcxz&Y%r=Df2NtCSJe4XP=2r#-3CFMrtaHZRwnxGA2#XU_H92JBKNUKc6^B^cd!5T6FdmXDUh@a5&pjgJw?6NJu^Nh4FDSk^&D99Ez3mNQg*!JE9R#W#9E?!gqzrut#2_BBdtT@xuWcCr8zY@XdaaFC-nRVC9?@GhVhpQJGzk&u9Un_6RC== username@ipaddress

If the ~/.ssh directory does not already exist, log in to our Droplet using our local terminal:

mkdir -p ~/.ssh

We’ll need to add our SSH key to an authorized_keys file in this directory. The public keys listed in that file can be used to log in as this user on the server.

Create the ~/.ssh/authorized_keys file and edit the file using nano

nano ~/.ssh/authorized_keys

Right-click in our terminal and select Paste, or use a keyboard shortcut like CTRL+SHIFT+V to paste the contents of our SSH key into the file. Then, save and close the file.

We’ll need to update permissions on some of the files once the authorized keys file contains the public key. Specific restricted permissions are required for the ~/.ssh directory and authorized keys file (700 for ~/.ssh and 600 for authorized keys). We won’t be able to log in unless they do. Finally, Examine the file permissions and ownership.

chmod -R go= ~/.ssh
chown -R $USER:$USER ~/.ssh

[Looking for a solution to another query? We are just a click away.]

Conclusion

To sum up, our Knowledgeable engineers assisted a client in adding an ssh key to an existing Digital Ocean droplet.