Question

How to remove ssh keys for the droplet.

Posted July 5, 2017 9.7k views
Security Ubuntu 16.04

I have created a ssh key for my droplet at digital oceans. After few days I have deleted the key from security page and still I am able to ssh using putty with that key. Is it necessary to delete the key from authorized_keys file. If so, then what is the use of adding/deleting ssh keys to droplet on their above mentioned security page?

Add a comment
nipun59
By:
nipun59
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers
jamieson July 6, 2017

Hansen is right. Installing keys on Droplets is a one-way deal: they’re installed at initial boot only and never updated or removed. That keys repo is used for new droplets only.

To remove a key from a droplet:

sudo nano $HOME/.ssh/authorized_keys

Find and remove that key, and then save. You do not need to restart the SSH process.

If you are trying to manage keys across a team, you need tools like Userify (disclaimer: I work there), SSH.com’s Universal Key Manager, or use a tool like Chef or Puppet to actually remove those keys from authorized_keys.

Reply Report
hansen July 5, 2017

Hi @nipun59

Yes, you need to remove it from the authorized_keys - that’s the one controlling who can get into the server.

The point of the security page, is to have a storage of keys, that you can easily create new droplets with a key from the storage.

Reply Report
michaelb6bd3c2b70125a42ce7 May 4, 2018

So just to be clear, I have zero droplets so there are no authorized_keys to be removed. My question was, how do I remove the keys from the create droplet screen?

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help