I just created my first Ubuntu droplet and supplied my public SSH key which is contained in
~/.ssh/id_rsa.pub on my local machine at the time I was creating my droplet. I can SSH into my machine as root just fine via the command
ssh root@remote_host where
remote_host is my droplet’s IP address as given in the console. However, I would like to prohibit root logon to my droplet.
I created a new user by executing the commands
adduser newusername followed by
gpasswd -a newusername sudo to give the new user elevated privileges. I then manually copied over the contents of my public SSH key (from my local machine) following these instructions over to
$ mkdir .ssh $ chmod 700 .ssh $ cd .ssh $ vim authorized_keys
I then pasted in the public key and saved the file
$ chmod 600 authorized_keys $ exit # service ssh restart
When I tried to SSH in from my local machine using the command
ssh newusername@remote_host, I get the message
Permission denied (publickey). I even went back into the droplet and added the line AllowUsers newusername to the
/etc/ssh/sshd_config file but keep getting the same error.
UPDATE: I also tried running the following commands on my local machine, which is also running Ubuntu, but this did not work either:
$ eval `ssh-agent -s` $ ssh-add ~/.ssh/id_rsa
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
I finally ended up solving this issue by following these directions from another thread.
I fixed the problem by putting my root public key to user’s .ssh/authorized_keys file. now I can login from my machine with root username to remote machine with myuser account.
issue this command by root
ssh -p ‘ssh port’ myuser@remoteip
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Sign up now
The users home directory needs to be owned by the user in question, as does the
.sshdirectory and the
For example, a slightly different way of doing it that I use.
Create Directories and Files
Add The New User
Add User to sudo Group
Set Proper Permissions
Setup SSH Keys for myuser
Setup a Password for myuser
That way you can escalate using
myuseris the user we just created and setup, and
-i myusertells SSH to use the key that I have locally on my MacBook.