Question
Adding public key to an existing droplet failed
- Posted September 28, 2015
- DigitalOceanGetting StartedCentOS
I created a droplet and selected the “ssh key” option, without actually generating the key pair. After the droplet was created, I think I need to add a public key I locally generated on my Linux machine to the droplet, but I can’t make it work. I generate the key pair locally, and executed:
ssh-copy-id -i .ssh/id_jenkins_rsa.pub root@my_ip_address.
Now I check on the authorized_keys on the droplet, and found there are two keys, one being the added one.
But when I tried to ssh the the server, I am still asked to enter a password. How can I make it work? Can I remove the .ssh/authorized_keys on the droplet and copy my local public key file to the remote droplet?
It has been very annoying. My machine is CentOS 7. Thanks.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
Hello there,
You can check our article on How to Upload an SSH Public Key to an Existing Droplet
You can access the droplet from the DigitalOcean console and then temporary enable the PasswordAuthentication on your droplet and access the droplet with a password to upload the ssh-key.
If you haven’t created new pair of keys you’ll need to do that first.
You can enable PasswordAuthentication for your Droplet by modifying your
/etc/ssh/sshd_configfile. Once set to Yes restart the SSH service and connect via an SSH client for a more stable connection. You can then modify your~/.ssh/authorized_keysfile to add the appropriate public key.This change can be made from the DigitalOcean’s console. If you’re having issues accessing the console you can then reach to our amazing support team that can help you further with this.
To enable the
PasswordAuthenticationfollow these steps:sudo nano /etc/ssh/sshd_configPasswordAuthenticationfrom “no” to “yes” and save the filesudo nano ~/.ssh/authorized_keyssudo nano /etc/ssh/sshd_configPasswordAuthenticationfrom “yes” to “no” and save the fileYou can then upload the key using this command:
ssh-copy-id -i ~/.ssh/mykey user@dropletHope that this helps! Regards, Alex
Hello,
When you log in with SSH, do you identify the key with
ssh -i /path/to/private/key? This will ensure you are using the right SSH key when logging in. Sometimes, if you have alot of key pairs; the system will fail due to too many keys being passed. Make sure with the above command you change /path/to/private/key to the actual path of your private key. I imagine it’s likely .ssh/idjenkinsrsa based on your public key path.Specifying the private key you want to use, that matches the public key you added, will fix this.
As for if you can remove the keys and add them, sure! Just remove the 2 keys from the ~/.ssh/authorized_keys file on the droplet and then re-add your key. You can even add it manually if you want, but just copying it and pasting it into the file.