Question

How to install several ssh keys when creating droplet through api

I’m setting up droplets via the API. in the create call I’m both adding an ssh key that’s already installed on DigitalOcean for logging into the droplet, and another third party ssh key to use for external communication. The second one is added via the user data cloud init script.

When I use the call with only the login key it works. But when I add the init script the login key doesn’t work. This means I can’t log into the droplet to debug. Any ideas what is going on?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

jesper67c05ff7894361d0ba03February 1, 2018
Accepted Answer

Turns out the key was malformed. It lacked proper line endings. Very confusing debugging.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Andrew SBJanuary 31, 2018

Can you share an example of how you are calling the API and the cloud config script used? It would help narrow down the issue. At the surface, what you’re trying to should be supported.

You have a few options for adding multiple SSH keys to a Droplet:

The API allows for adding more than one SSH key when creating a Droplet. The ssh_keys field and take an array of SSH key IDs. For example, the body of your request might look like:

{
    "name":"example.com",
    "region":"nyc3",
    "size":"s-1vcpu-1gb",
    "image":"ubuntu-16-04-x64",
    "ssh_keys":[123456, 654321]
}

You can also add SSH keys to new Droplets via user data. For example:

#cloud-config
users:
  - name: root
    ssh-authorized-keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADA....

If you specify the root user, these keys will be merged with the keys specified via the API into the ~/.ssh/authorized_keys file.

If you are still having issues and want to do further debugging, you can reset the root password for your Droplet via the “Access” tab for the Droplet in the control panel in order to gain access.

jesper67c05ff7894361d0ba03February 1, 2018

The following also only installs the FIRST key provided:

{ name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  ssh_keys: [ 18005919 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ],
  user_data: '#cloud-config
      ssh-authorized-keys:
        - ssh-rsa AAAAB3xx9aR 
        - ssh-rsa AAAAB3NzaCC+KgGV 
   ' }

So there’s something wrong with the documentation of how cloud config works. In this case the first SSH-KEY provided is added to authorized_keys and I can log in. But the second key simply disappears. I’ve yet to find any debugging information.

jesper67c05ff7894361d0ba03February 1, 2018

Yeah that’s no help at all. Like I said, I’m adding one key for access, and one key to communicate with a third party. Both your options are only for access.

This is my config:

{
  name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  user_data: '#cloud-config
    ssh_keys:
        rsa_private: |
          -----BEGIN RSA PRIVATE KEY-----
          -----END RSA PRIVATE KEY-----

        rsa_public: ssh-rsa AAAAB3NzaC1y
  ',
  ssh_keys: [ 18XXX16 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ] 
}

I naturally removed the keys themselves.

Now what I’m trying to do is: Create a droplet that I can reach via the SSH key supplied in “ssh_keys” and give that droplet access to my github account via the “user_data ssh_keys”.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up