If I selected the password option when creating my droplet, is it possible to change it to SSH? Thanks
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hey there!
Absolutely, you can switch from password authentication to SSH key authentication on your DigitalOcean Droplet. Here’s how you do it:
-
If you haven’t already, you need to generate an SSH key pair. Open your terminal and use the following command:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"Follow the prompts to save the key and add a passphrase if desired.
-
Your public key will be saved in
~/.ssh/id_rsa.pubby default. Use this command to copy it:cat ~/.ssh/id_rsa.pubCopy the output to your clipboard.
-
Log in to your Droplet using the password you set up:
ssh root@your_droplet_ip -
Once logged in, create a
.sshdirectory and anauthorized_keysfile if they don’t exist:mkdir -p ~/.ssh echo "your_copied_public_key" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys chmod 700 ~/.ssh -
Open the SSH configuration file:
nano /etc/ssh/sshd_configMake sure the following lines are set:
PubkeyAuthentication yes PasswordAuthentication no -
To apply the changes, restart the SSH service:
systemctl restart sshd -
Open a new terminal window and try logging in again with your SSH key:
ssh root@your_droplet_ip
If you have any questions, feel free to ask. Happy coding!
- Bobby
Heya,
Yes, you can do that and it’s even a more reliable method to keep your Droplet safe, so it’s a good choice to change it up!
What you’ll need to do is deploy your ssh public key to your Droplet and enable PubkeyAuthentication in your sshd config.
So, let’s begin
Once inside the Droplet, open the file /root/.ssh/authorized_keys and paste your public key there. If there isn’t a .ssh directory in your /root folder, you can create the structure like so:
mkdir -p ~/.ssh
echo "your_copied_public_key" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
Once that is done, open your sshd config:
nano /etc/ssh/sshd_config
Inside you’ll need to find the line PubkeyAuthentication and uncomment it or you can just add it as a new line
PubkeyAuthentication Yes
Also, if you want to stop PasswordAuthentication, find the line and set it to No
PasswordAuthentication no
Once that is done, save the file, exit it and restart your SSHD service
service sshd restart
That’s it. You can now use your SSH key to enter your Droplet.
Heya,
Yes, as mentioned this is totally doable. On top of what’s already been mentioned I’ll include this article on how to add ssh-keys to existing droplets which you can use to add your key to the droplet.
https://docs.digitalocean.com/products/droplets/how-to/add-ssh-keys/
Hope that this helps!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.