Question

Is it possible to get/set SSH host key programmatically?

It seems FreeBSD images do not support user-data, so I cannot set SSH host keys there myself. Is there either another way to set the host key or alternatively read the one generated at first boot programmatically?

The only way to do this I am aware of is to open the console for the droplet via the web interface and read the key there, which pretty much defeats the purpose of using the API to programmatically provision droplets in the first place. Not verifying host keys is a terrible idea and a complete showstopper.

Alternatively, can console output somehow be scraped?

Thanks, Troels



You can accept the generated SSH key, in a roundabout way, by sshing one time to the new droplet.

ssh -o "StrictHostKeyChecking no" root@$(doctl compute droplet ls --format PrivateIPv4 --no-header ${name}) 'exit 0'

Then continue with the rest of your stuff. Of course, you can use any other IP from the droplet, depending on what you want to do.

The purists will say you open yourself up to a man-in-the-middle, but if you’re on a private network this should not be an issue.
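Added example, not part of the answer above: accepting the key once only protects later connections if the key seen on first contact is recorded and every later key is compared against it. This Python code does that over `ssh-keyscan`-format lines; the host address, key bytes and function names are constructed for illustration.

```python
import base64
import hashlib
import struct


def fingerprint(keyscan_line: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of one 'host keytype base64' line."""
    _host, keytype, blob_b64 = keyscan_line.split()[:3]
    blob = base64.b64decode(blob_b64, validate=True)
    # The key blob begins with a length-prefixed copy of the key type; reject a mismatch.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != keytype:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_pin(pins: dict, keyscan_line: str) -> str:
    """Trust on first use: record an unseen host/keytype, then require the same key."""
    host, keytype = keyscan_line.split()[:2]
    fp = fingerprint(keyscan_line)
    if (host, keytype) not in pins:
        pins[(host, keytype)] = fp
        return "pinned"
    return "match" if pins[(host, keytype)] == fp else "MISMATCH"


def sample_line(host: str, seed: bytes) -> str:
    """Build a constructed (not real) ssh-ed25519 line in ssh-keyscan output format."""
    kt = b"ssh-ed25519"
    pub = hashlib.sha256(seed).digest()  # 32 placeholder bytes standing in for a public key
    blob = struct.pack(">I", len(kt)) + kt + struct.pack(">I", len(pub)) + pub
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


if __name__ == "__main__":
    pins = {}
    first = sample_line("10.0.0.5", b"first boot")  # constructed address and key
    print(check_pin(pins, first), fingerprint(first))                   # first contact
    print(check_pin(pins, first))                                       # same key again
    print(check_pin(pins, sample_line("10.0.0.5", b"different key")))   # key changed
```

The fingerprint string has the same `SHA256:` form that `ssh-keygen -l` prints, so it can also be compared with a fingerprint obtained out of band.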

Not sure if I got what you are asking, but I use Terraform and it is able to provision a new FreeBSD droplet with a pre-configured SSH key.

The API it uses is: https://developers.digitalocean.com/documentation/v2/#ssh-keys

Regards,

Nicholas

@tkjacobsen

I’d recommend looking at doctl - GitHub Repository - Usage Guide & Overview.

There’s a specific section that deals with SSH Keys here.

Using doctl isn’t limited to your local environment. You could deploy it to a web server and call on its functionality from there as well.

You can also pull the data down using JSON if you prefer and then store the output to a file, which could then be called by your application to do whatever needs to be done.