Add SSH key after creating a droplet

Posted May 14, 2014 136.5k views
Hi There, I did not add the SSH key before creating the droplet. Now my server is all set and is about to go live. I cannot setup another one but really need to add an SSH key. Is there any way I could do that. Also I cannot se any droplet resize option available, any ideas why is that? I'm currently running LAMP on Ubuntu 12. 512 MB droplet. Thanks.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
12 answers
To add a SSH key after the creation of the droplet, you need to add the contents of the public key to the file ~/.ssh/authorized_keys You can do that by running this on your local computer:

cat ~/.ssh/ | ssh root@your.ip.address "cat >> ~/.ssh/authorized_keys"

You need to power down the droplet before you can resize it.

Exactly! I had to add an SSH key to an existing droplet but couldn’t log in via SSH because of “permission denied (publickey)” so all these instructions are not working if you disabled password login. I lost a lot of time trying to get access to my droplet from a new computer. The only solution was to get my old computer and log in from there with the old SSH key. The Digital Ocean console is completely non-functional. It just doesn’t work. If I paste in my SSH key it gets altered, upper-case letters become lower-case letters, the string is cut off in the middle etc. and it’s extremely slow and non-responsive. All in all a very frustrating experience!

  • totally agree. it’s weird they haven’t added on dashboard to add new ssh keys on a existing droplet. the web console is literally really bad, pasting the ssh key doesn’t work…

  • Yes, I experienced the same thing today:

    “ If I paste in my SSH key it gets altered, upper-case letters become lower-case letters, the string is cut off in the middle etc. and it’s extremely slow and non-responsive.”

    And even I updated the “authorized_keys” with my new public SSH key after enabled the passwordLogin and remoteLogin on using the DigitalOcean’s frustrating terminal, still can’t login with noPassword option.

  • We have had some users ask us about the exact situation at where they needed to create a backup but did not have access to their droplet (locked out).

    A solution that works in this case to access your data is:

    1. Take a snapshot of your droplet from DigitalOcean
    2. Create a droplet from the snapshot taken - right here you will be given the option to add an SSH key, add your new one or even choose password auth.
    3. After the new droplet is created, you can SSH using your chosen key to the new droplet and access your old data.
    4. You may delete the old droplet and update your DNS and apps to use the new IP address - or if you are using a floating IP then just let it point to the new droplet!

    Hope this helps.

These answers are all great, accept whenever I try to connect to my digital ocean server I get, ‘permission denied (publickey)’ when using any username set up including root and therefore I cannot add the key?

I would advise this guide here for the first part of your question:
You definitely can add an SSH key after creating a droplet. See How To Set Up SSH Keys.
Also I cannot se any droplet resize option available, any ideas why is that?
It could be that the physical server that your droplet is on does not have enough available space to resize your droplet -- can you post a screenshot of the resize page?
To resize the droplet, you're going to need to take a snapshot and then spin it up as a new droplet. A great guide can be found here.

I didn’t see this in the answers below.
But if you already have a public key that you want to reuse, you can just add it to ~/.ssh/authorized_keys file.

For anyone finding this via Google that found this answer: logging into your droplets via SSH on a Windows machine where you might be using a specialized client to generate your keys, the command asb uses in this comment thread doesn’t work, and there really aren’t any answers to tell you why.

Here’s an explanation. For a quick command-line copy and paste answer, scroll to the bottom of this comment. Breaking down the command:

cat ~/.ssh/

On a *NIX machine, this would output your local public SSH key.


The pipe character is standard Shell-speak for “piping” data into the stdin (input console) of a program or file handle. An easy way to remember it is the output of the command on the left will be received as input for the command on the right.

ssh root@your.ip.address "cat >> ~/.ssh/authorized_keys"

This is standard use of the SSH command, except the part in quotes actually encloses a command to send to the server you’re SSHing into.

What this adds up to mean is “output my local public key into the authorized_keys file on the server I’m SSHing into”. Which, on Windows, unless you use a platform like Cygwin for all of your SSH, means it wouldn’t work, because Windows isn’t a *NIX-style platform.

Solution for Windows users using native SSH clients: Paste the following into a root shell on your droplet:

echo "YOUR_SSH_PUBKEY_GOES_HERE" >> ~/.ssh/authorized_keys

Your SSH key should now be authorized on the droplet.

Here is the working guide on how to add a SSH key to existing droplet (for Windows users)

Previous 1 2 Next