Question

Can't access droplet any more after adding a new SSH key

Posted June 18, 2020 528 views
Git, DigitalOcean, Deployment, Linux Commands

I initially created a droplet and added my SSH key in the creation process. It worked well, I could easily connect to the server from my local machine via SSH. However, I recently had to reinstall my OS and lost my saved SSH key, so I have had to create a new SSH key. I can’t get it to work. I have tried the commands and get these error messages:

C:\ $ ssh root@droplet IP
root@droplet IP: Permission denied (publickey).

C:\ $ ssh -i ~/.ssh/id_rsa root@droplet IP
root@droplet IP: Permission denied (publickey).

Also, I have deleted my original SSH key from my DigitalOcean droplet account to try and resolve this but that has not helped.

1 answer

Hi @sub359,

It seems like you are trying to use your private id_rsa key to enter. In order to enter using your SSH key, you’ll need to do the following.

  1. Copy your public ssh key in the file id_rsa.pub.

  2. SSH into your droplet’s console with your root password from your Control Panel

  3. Paste the id_rsa.pub contents in your `~/.ssh/authorized_keys`

  4. Restart your sshd service: `service sshd restart`

  5. Give it another go to SSH to your droplet.

Regards,
KDSys

  • Hi. Thank you for the reply. I’m trying to use the same ssh key that I have set up for github, which I have saved in the file id_rsa.pub. I copied the contents and saved them in the SSH keys section for my droplet. Can I use the same key (it works for github)? If not, where do I get my public ssh key?

    • Hi @sub359,

      Yes, you can use the same key. Having said that, please make sure you’ve added it to the correct file. Additionally, check if the permissions of the files are correct.

      • Your home directory ~, your ~/.ssh directory and the ~/.ssh/authorized_keys file on the remote machine must be writable only by you: rwx------ and rwxr-xr-x are fine, but rwxrwx--- is no good, even if you are the only user in your group (if you prefer numeric modes: 700 or 755, not 775).
      • If ~/.ssh or authorized_keys is a symbolic link, the canonical path (with symbolic links expanded) is checked.
      • Your ~/.ssh/authorized_keys file (on the remote machine) must be readable (at least 400), but you’ll need it to be also writable (600) if you will add any more keys to it.
      • Your private key file (on the local machine) must be readable and writable only by you: rw-------, i.e. 600.
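
The permission rules listed in the comment above can be checked with a short script. This is an added example, not part of the thread: the function names and script name are hypothetical, and it inspects mode bits only, not file ownership.

```sh
#!/bin/sh
# Added example (not from the thread): check the modes sshd cares about.

# Print the nine permission characters of $1 (e.g. rwxr-xr-x). -L follows
# symbolic links, so the target of a linked ~/.ssh or authorized_keys is judged.
perm_string() {
    ls -ldL -- "$1" 2>/dev/null | cut -c2-10
}

# Succeed only if $1 exists and neither group nor others may write to it.
not_writable_by_others() {
    p=$(perm_string "$1")
    [ -n "$p" ] || return 1
    case $p in
        ????w????|???????w?) return 1 ;;
    esac
    return 0
}

# Server side: check the home directory $1, its .ssh and authorized_keys.
# Prints one line per path; the return status is the number of problems.
audit_server() {
    home=$1
    bad=0
    for path in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if not_writable_by_others "$path"; then
            echo "ok   $(perm_string "$path") $path"
        else
            echo "FIX  $(perm_string "$path") $path"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Client side: succeed only if private key $1 gives group and others nothing
# (600 passes, 644 does not).
private_key_ok() {
    case $(perm_string "$1") in
        r??------) return 0 ;;
    esac
    return 1
}

# Run as: sh check_ssh_perms.sh "$HOME"   (script name is hypothetical)
if [ "$#" -gt 0 ]; then
    audit_server "$1"
fi
```

Run `audit_server` on the droplet as the login user, and `private_key_ok ~/.ssh/id_rsa` on the local machine; any line marked FIX is a path whose mode needs tightening with `chmod`.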