How to install several ssh keys when creating droplet through api

Question

I’m setting up droplets via the API. in the create call I’m both adding an ssh key that’s already installed on DigitalOcean for logging into the droplet, and another third party ssh key to use for external communication. The second one is added via the user data cloud init script.

When I use the call with only the login key it works. But when I add the init script the login key doesn’t work. This means I can’t log into the droplet to debug. Any ideas what is going on?

jesper67c05ff7894361d0ba03 · Accepted Answer

Turns out the key was malformed. It lacked proper line endings. Very confusing debugging.

Andrew SB · Answer

Can you share an example of how you are calling the API and the cloud config script used? It would help narrow down the issue. At the surface, what you’re trying to should be supported.

You have a few options for adding multiple SSH keys to a Droplet:

The API allows for adding more than one SSH key when creating a Droplet. The ssh_keys field and take an array of SSH key IDs. For example, the body of your request might look like:

{
    "name":"example.com",
    "region":"nyc3",
    "size":"s-1vcpu-1gb",
    "image":"ubuntu-16-04-x64",
    "ssh_keys":[123456, 654321]
}

You can also add SSH keys to new Droplets via user data. For example:

#cloud-config
users:
  - name: root
    ssh-authorized-keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADA....

If you specify the root user, these keys will be merged with the keys specified via the API into the ~/.ssh/authorized_keys file.

If you are still having issues and want to do further debugging, you can reset the root password for your Droplet via the “Access” tab for the Droplet in the control panel in order to gain access.

jesper67c05ff7894361d0ba03 · Answer

The following also only installs the FIRST key provided:

{ name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  ssh_keys: [ 18005919 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ],
  user_data: '#cloud-config
      ssh-authorized-keys:
        - ssh-rsa AAAAB3xx9aR 
        - ssh-rsa AAAAB3NzaCC+KgGV 
   ' }

So there’s something wrong with the documentation of how cloud config works. In this case the first SSH-KEY provided is added to authorized_keys and I can log in. But the second key simply disappears. I’ve yet to find any debugging information.

jesper67c05ff7894361d0ba03 · Answer

Yeah that’s no help at all. Like I said, I’m adding one key for access, and one key to communicate with a third party. Both your options are only for access.

This is my config:

{
  name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  user_data: '#cloud-config
    ssh_keys:
        rsa_private: |
          -----BEGIN RSA PRIVATE KEY-----
          -----END RSA PRIVATE KEY-----

        rsa_public: ssh-rsa AAAAB3NzaC1y
  ',
  ssh_keys: [ 18XXX16 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ] 
}

I naturally removed the keys themselves.

Now what I’m trying to do is: Create a droplet that I can reach via the SSH key supplied in “ssh_keys” and give that droplet access to my github account via the “user_data ssh_keys”.

Related

Question

How to install several ssh keys when creating droplet through api

Related