Changing the password is not working for two accounts

I’m about to pull my hair out. I’ve successfully changed the password for root and another user. I did this via the Recovery Console that Digital Ocean makes available.

Then I go right to my macOS terminal window and try to ssh into the droplet using the new password, and keep getting, “Permission denied, please try again.” I’ve tried typing the password, pasting it in using Command V on my iMac, and also using the paste option from the terminal’s Edit menu. None of them work. This is happening with both root and the other user account.

What is going on here? Is the hacker inside my droplet watching every move? As soon as I successfully change the password, does he change it again? I’ve been fighting this hacker for over a week. Apparently he is a cruel person.

Please help.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Nevermind, I figured out what happened. I had PasswordAuthentication set to no.

Site Moderator
Site Moderator badge
July 12, 2023

Heya @spendlove,

The default SSJ configuration for every Droplet is PasswordAuthentication set to “no”. This is a security measure to protect your server from unauthorized access.

SSH (Secure Shell) is a protocol used to securely log into remote systems. It can use either password-based authentication or key-based authentication. While password-based authentication is easier to set up, it is also more susceptible to brute-force attacks. In a brute-force attack, an attacker tries to gain access to your system by guessing your password.

Key-based authentication is generally considered to be more secure. When using key-based authentication, a private key file is used to authenticate to the server. This file must be kept secret and secure on your local machine. The corresponding public key is placed on the server. Without the private key, access to the server is denied, even if the attacker knows the password.

Setting PasswordAuthentication to “no” forces the use of key-based authentication, making your Droplet more secure against potential brute-force attacks. This is considered a best practice in managing secure remote servers.

How to Allow Password Authentication

First, you need to enter your Droplet. For that you can use the Droplet Console.

The Droplet Console is a browser-based way to connect to Droplets. Instead of using ssh in a local terminal, you can use the Droplet Console in your preferred web browser.

The Droplet Console has a native-like terminal experience, so you can run commands on your Droplet from a familiar command-line interface. It also provides one-click SSH access to your Droplet without the need for a password or manual SSH key configuration.

More on that here:

Once inside, you need to open the SSHD config file /etc/ssh/sshd_config, change PasswordAuthentication to Yes and restart the service

service sshd restart

After that is done, you will be able to connect with a Password.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel