nipun59
By:
nipun59

How to remove ssh keys for the droplet.

July 5, 2017 660 views
Security Ubuntu 16.04

I have created a ssh key for my droplet at digital oceans. After few days I have deleted the key from security page and still I am able to ssh using putty with that key. Is it necessary to delete the key from authorized_keys file. If so, then what is the use of adding/deleting ssh keys to droplet on their above mentioned security page?

2 Answers
jamieson July 6, 2017
Accepted Answer

Hansen is right. Installing keys on Droplets is a one-way deal: they're installed at initial boot only and never updated or removed. That keys repo is used for new droplets only.

To remove a key from a droplet:

sudo nano $HOME/.ssh/authorized_keys

Find and remove that key, and then save. You do not need to restart the SSH process.

If you are trying to manage keys across a team, you need tools like Userify (disclaimer: I work there), SSH.com's Universal Key Manager, or use a tool like Chef or Puppet to actually remove those keys from authorized_keys.

Hi @nipun59

Yes, you need to remove it from the authorized_keys - that's the one controlling who can get into the server.

The point of the security page, is to have a storage of keys, that you can easily create new droplets with a key from the storage.

Have another answer? Share your knowledge.