Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Accessing droplet via console denied using correct credentials Question Question
Create droplet with User Data Question Question

Question

How to install several ssh keys when creating droplet through api

Posted January 31, 2018 3.5k views
APIUbuntu 16.04

I’m setting up droplets via the API. in the create call I’m both adding an ssh key that’s already installed on DigitalOcean for logging into the droplet, and another third party ssh key to use for external communication.
The second one is added via the user data cloud init script.

When I use the call with only the login key it works. But when I add the init script the login key doesn’t work.
This means I can’t log into the droplet to debug. Any ideas what is going on?

Add a comment
jesper67c05ff7894361d0ba03
By:
jesper67c05ff7894361d0ba03

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Accessing droplet via console denied using correct credentials Question Question
Create droplet with User Data Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
4 answers
jesper67c05ff7894361d0ba03 February 1, 2018

Turns out the key was malformed. It lacked proper line endings. Very confusing debugging.

Reply Report
asb January 31, 2018

Can you share an example of how you are calling the API and the cloud config script used? It would help narrow down the issue. At the surface, what you’re trying to should be supported.

You have a few options for adding multiple SSH keys to a Droplet:

The API allows for adding more than one SSH key when creating a Droplet. The ssh_keys field and take an array of SSH key IDs. For example, the body of your request might look like:

{
    "name":"example.com",
    "region":"nyc3",
    "size":"s-1vcpu-1gb",
    "image":"ubuntu-16-04-x64",
    "ssh_keys":[123456, 654321]
}

You can also add SSH keys to new Droplets via user data. For example:

#cloud-config
users:
  - name: root
    ssh-authorized-keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADA....

If you specify the root user, these keys will be merged with the keys specified via the API into the ~/.ssh/authorized_keys file.

If you are still having issues and want to do further debugging, you can reset the root password for your Droplet via the “Access” tab for the Droplet in the control panel in order to gain access.

How To Use Cloud-Config For Your Initial Server Setup
by Justin Ellingwood
A cloud-config file is a special script that is used to define configuration details for your server as it is being brought online for the first time. These are often used for completing common tasks that a user would normally have to log into the server to accomplish. In this guide, we will run through how to do some initial configuration of an Ubuntu 14.04 server using a cloud-config file with our metadata service.
Reply Report
jesper67c05ff7894361d0ba03 February 1, 2018

Yeah that’s no help at all. Like I said, I’m adding one key for access, and one key to communicate with a third party. Both your options are only for access.

This is my config:

{
  name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  user_data: '#cloud-config
    ssh_keys:
        rsa_private: |
          -----BEGIN RSA PRIVATE KEY-----
          -----END RSA PRIVATE KEY-----

        rsa_public: ssh-rsa AAAAB3NzaC1y
  ',
  ssh_keys: [ 18XXX16 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ] 
}

I naturally removed the keys themselves.

Now what I’m trying to do is:
Create a droplet that I can reach via the SSH key supplied in “sshkeys” and give that droplet access to my github account via the “userdata ssh_keys”.

Reply Report
jesper67c05ff7894361d0ba03 February 1, 2018

The following also only installs the FIRST key provided:

{ name: 'NAME',
  region: 'lon1',
  size: 's-1vcpu-1gb',
  image: 'ubuntu-16-04-x64',
  backups: false,
  ipv6: true,
  ssh_keys: [ 18005919 ],
  private_networking: null,
  volumes: null,
  tags: [ 'dev' ],
  user_data: '#cloud-config
      ssh-authorized-keys:
        - ssh-rsa AAAAB3xx9aR 
        - ssh-rsa AAAAB3NzaCC+KgGV 
   ' }

So there’s something wrong with the documentation of how cloud config works.
In this case the first SSH-KEY provided is added to authorized_keys and I can log in. But the second key simply disappears. I’ve yet to find any debugging information.

Reply Report
  • settermjd September 27, 2021

    Sure seems that way to me. I’ve tried space separated, quote-enclosed, and comma-separated, but always see the error: 

    Error: POST https://api.digitalocean.com/v2/droplets: 422 (request "...") Only valid hostname characters are allowed. (a-z, A-Z, 0-9, . and -)
    Reply Report

Related

Looking for something else?

Ask a new question Search for more help