Yes, you can regain access to Droplet even if you lose public key and don't have SSH root access enabled.
In case that happens, you need to resort to Web Console.
Why does Web Console work even with SSH root disabled? Reason is because Web Console is not SSH, look at Console as interface that you would get if you attach keyboard and monitor directly to server (Droplet).
sshd_config applies only to SSH session, so Console still works.
In Console you can use root user or non-root user if you created it in Initial Server Set Up.
If you have only root account and you used SSH key on Droplet Creation then you don't have root password (because it's not emailed when you use SSH key on Creation). In that case, first you need to Reset Root Password by going to Control Panel, Droplet, Access, Reset Root Password.
In case you have non-root account or you have root password use it as normal.
Then you can enable password root access or use Console to copy key. It can be hard to copy key in Console as copy and paste don't work in it so a SSH (or
ssh-copy-id if you have) it would be better.
To add a new SSH key, you need to add public key content to
When you start a new server, there are a few steps that you should take every time to add some basic security and give you a solid foundation. In this guide, we'll walk you through the basic steps necessary to hit the ground running with Ubuntu 16.04.