Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
DOCTL "Access Token is Required" even after initializing Question Question
i can not connect my Database to my webservice Question Question

Question

API: Adding SSH key when creating a droplet

Posted May 29, 2015 20.2k views
API

When creating a droplet via the API, you can pass in an SSH key.

What is the format of the key? I am guessing it would be like this, based on return value of the List All Keys API:

{“sshkeys”:[{“id”:263654,“fingerprint”:“11:37:44:86:62:15:86:5f:0c:7d:41:0b:39:cb:3c:44”,“publickey”:“ssh-rsa ZZZB3NzaC1yc2EAAAADAQABAAABAQC6vHxLRqVEN2Ze9f8ii634wP5f0Ysua+zqcedJFy8D6/biGE2b0pr0fZoB0lyypu3d6uxt8DvxNNRSgcDiZ6JUoTqPWVY252xgaykghBuNsTSFboAT+c/J9/8GQnTJx5PbiUAMeOBsQ6bU3rkhidhsxDyUzp8PyvTHZxopuCZ/QD/qTRgnpXLiV5/RiKMfg69dRLpG9nTWAfXKb4cwBQesPvfSzPemyMWorkLRbnGlDH3s81yIRNDTO9/LKMIPov715lXF4njbvazSnqjLMLNW4MTvSpUt6LFBv4gKCHgqK0V68QV4Py6BDWhpI0nyzZRlnAxKThbJ3nGDThc4d8m5x tom@tomsmacbook.local”,“name”:“For tomsmacbook”}],“links”:{},“meta”:{“total”:1}}

I am still a little fuzzy about SSH and so am not sure exactly what SSH key to pass in. I am guessing I want it to be the public key file (named id_rsa.pub by default) that was created at the same time as the private key my machine uses?

Thanks much.

P.S. Key contents, machine IDs, etc. were changed to protect the innocent.

Add a comment
tomcampbell
By:
tomcampbell

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
DOCTL "Access Token is Required" even after initializing Question Question
i can not connect my Database to my webservice Question Question
5 comments
  • tomcampbell May 30, 2015
    Reply Report

    Still not working, but I think it should probably be closer to this (TOKEN is a valid token defined in my environment):

    curl -D - -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -d '{"name":"git","region":"nyc3","size":"512mb","image":"ubuntu-14-04-x64","ssh_keys":[{"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN5Z0EHKo09iLXvsggp1epyjhisZ2W3MG8LBuDSW/cQQXl66kcb8Vd1tp9sEZ9EkqWNtmikl22k4QQeLSD59EvXMvwxlBWWq8V8+aro6DcJTDfCfEBWYo/LgjArCutLsbfIu272IDXyXLRD5LPu9kXHhF20woVFWPm8AsLpCsV92k7ZY/eGYrwOPVowUi19ribyl0NOtsMu6paijcat7WGHBGfY2IIkgACKj5bMaNipfVkYonZX9SVY4SWurLGXLxoU16zXz2bs4we8LiW0yRWdHI9h6YEoZAn/IJodWQtEnL0k+4ydvWKz0UXo2RlM8GPFqA/zRLQ923EpZq4sbgf tom@example.com"}],"backups":false,"ipv6":true,"user_data":null,"private_networking":null}' "https://api.digitalocean.com/v2/droplets" > droplet-git.json

    Output is:

    {"id":"bad_request","message":"Your request body was malformed."}

    This exact command but with “ssh_keys”:null works perfectly, creating a droplet.

  • tomcampbell May 30, 2015
    Reply Report

    Latest version, still failing:

    curl -D - -X POST -H "Content-Type: application/json" 
-H "Authorization: Bearer $TOKEN" -d '{"name":"git","region":"nyc3","size":"512mb","image":"ubuntu-14-04-x64",
"ssh_keys":["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN5Z0EHKo09iLXvsggp1epyjhisZ2W3MG8LBuDSW/cQQXl66kcb8Vd1tp9sEZ9EkqWNtmikl22k4QQeLSD59EvXMvwxlBWWq8V8+arAbbcJTDfCfEBWYo/LgjArCutLsbfIu272IDwyXLRD5LPu9kXHhF20woVFWPm8AsLpCsV92k7ZY/eGYrwOPVowUi19ribyl0NOtsMu6paijcat7WGHBGfY2IIkgACKj5bMaNipfVkYonZX9SVY4SWurLGXLxoU16zXz2bs4we8LiW0yRWdHI9h6YEoZAn/IJodWQtEnL0k+4ydvWKz0UXo2RlM8GPFqA/zRLQ923EpZq4sbgf tom@example.com"],"backups":false,"ipv6":true,"user_data":null,"private_networking":null}' "https://api.digitalocean.com/v2/droplets" > create-results.json

    And the output is:

    {"id":"unprocessable_entity","message":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN5Z0EHKo09iLXvsggp1epyjhisZ2W3MG8LBuDSW/cQQXl66kcb8Vd1tp9sEZ9EkqWNtmikl22k4QQeLSD59EvXMvwxlBWWq8V8+aro6DcJTDfCfEBWYo/LgjArCutLsbfIu272IDwyXLRD5LPu9kXHhF20woVFWPm8AsLpCsV92k7ZY/eGYrwOPVowUi19ribyl0NOtsMu6paijcat7WGHBGfY2IIkgACKj5bMaNipfVkYonVY4SWurLGXLxoU16zXz2bs4we8LiW0yRWdHI9h6YEoZAn/IJodWQtEnL0k+4ydvWKz0UXo2RlM8GPFqA/zRLQ923EpZq4sbgf tom@example.com are invalid key identifiers for Droplet creation."}
  • a4word October 3, 2015
    Reply Report

    I believe you want to use the fingerprint value (e.g. 11:37:44:86:62:15:86:5f:0c:7d:41:0b:39:cb:3c:44) not the actual public key.

  • a4word October 3, 2015
    Reply Report

    So

    curl -D - -X POST -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -d '{"name":"git","region":"nyc3","size":"512mb","image":"ubuntu-14-04-x64","ssh_keys":["11:37:44:86:62:15:86:5f:0c:7d:41:0b:39:cb:3c:44"],"backups":false,"ipv6":true,"user_data":null,"private_networking":null}' "https://api.digitalocean.com/v2/droplets" > droplet-git.json
  • Show 1 more comments

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
4 answers
mrmike July 16, 2015

hi, instead of the actual key you have to send the ID of the key.

  1. generate the key (which it looks like you’ve already done)
  2. add your public key via https://cloud.digitalocean.com/ssh_keys or API https://developers.digitalocean.com/documentation/v2/#create-a-new-key
  3. get the ID of the added public key via API call curl -X GET -H ‘Content-Type: application/json’ -H 'Authorization: Bearer $TOKEN’ “https://api.digitalocean.com/v2/account/keys
  4. use this ID for you droplet creation call: …,“ssh_keys”:[123456]… enjoy!
Reply Report
dushan566 April 14, 2016

It works for me when use the following;

curl -X POST “https://api.digitalocean.com/v2/droplets” -d’{“name”:“server1.example.com”,“region”:“nyc3”,“size”:“512mb”,“image”:“centos-6-5-x64”,“ssh_keys”:[“95:0d:c5:a9::xxxx:xxxx:f7:fa”]}’ -H “Authorization: Bearer $TOKEN” -H “Content-Type: application/json”

$TOKEN is my API key

Reply Report
tension183 January 23, 2019

This works for me:

curl -X GET "https://api.digitalocean.com/v2/account/keys" -H "Authorization: Bearer $DO_API_TOKEN"
Reply Report
alexdo August 24, 2020

Hello, @tomcampbell

In order to create a droplet using the API you can use the following curl example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer b7d03a6947b217efb6f3ec3bd3504582" -d '{"name":"example.com","region":"nyc3","size":"s-1vcpu-1gb","image":"ubuntu-16-04-x64","ssh_keys":[107149],"backups":false,"ipv6":true,"user_data":null,"private_networking":null,"volumes": null,"tags":["web"]}' "https://api.digitalocean.com/v2/droplets"

where ssh_keys is an array containing the IDs or fingerprints of the SSH keys that you wish to embed in the Droplet’s root account upon creation.

You can check our documentation about the API here: https://developers.digitalocean.com/documentation/v2/#create-a-new-droplet

Hope that this helps!
Regards,
Alex

Reply Report

Related

Looking for something else?

Ask a new question Search for more help