Question

Locked out of Droplet SSH

I’m locked out of my VPS droplet. How can I create a new identity, so I’m able to log in? I don’t recall ever creating a root password

OS: El Capitan 10.11.6 Distribution: Ubuntu 14.04

I used to ssh into my VPS. I have an id_rsa and a id_rsa.pub . I’m trying to access it now using:

root@104.236.87.210

Result > “Permission denied, please try again” (3 incorrect entries and then…) > "Permission denied, (publickey,password)

I don’t remember using a password in the past, thats why I configured ssh. Even if I did, what action can I take to “reset” my login password? I’ve tried generating new ssh keys, added them to my known_hosts with ssh-add. I’ve added the new ssh key to my VPS through the web interface.

Can anyone walk me through the proper process of resetting my login?

Show comments

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello,

Sorry to hear you had bunch of problems. Anyways I will write few sentences for you (if you didn’t already destroyed Droplet) and for future readers.

First of all, you can try using ssh-copy-id from your local machine instead of ssh-add. Step Four of Initial Server Setup Tutorial have it explained great.

Make sure that you have id_rsa and id_rsa.pub in your /home/sammy/.ssh on local machine.

Before using SSH as root make sure you didn’t set PermitRootLogin to no. Open /etc/ssh/sshd_config with any text editor from DigitalOcean Web Console if you can’t access SSH:

  1. sudo nano /etc/ssh/sshd_config

Find line PermitRootLogin. Make sure it’s set to yes and there is no any # (comment) before line. If you want to use password for login, make sure PasswordAuthentication is set to yes and there is also no # (comment).

Save file, exit editor and restart SSH:

  1. sudo systemctl restart sshd

You can also for debugging create new user, add it to sudo group and use it for SSH instead of DigitalOcean Web Console. Initial Sever Setup has it covered in Step One in Step Two. In case you want to use that user with password instead of SSH key, make sure you have enabled PasswordAuthentication under your sshd_config (I wrote in previous step how to check it`.

I was able to log in using the digitalocean web console. I logged in as root, but I still cannot ssh into my server from my OS (terminal).

Steps I took to reset root password:

  • Get to your droplet page on the website, click Access
  • Select Reset Root Password, then wait for the email
  • Get back to your droplet page, and click the Console or Launch Console button
  • Once the console is open, hit return or enter on your keyboard
  • In the next step, its important to note your username is probably different than the user you’re trying to log in as. For example, my username is reala but my login was root
  • You should get a prompt with your username, asking you to login like below:
  • [username] login: _ (Here I entered root as my login)
  • Then you’ll get a password prompt like below:
  • password: _ (I entered the password emailed to me, I typed it out didn’t try pasting)
  • Once I logged in, I was successfully able to change my password. I can log in and out of the web console using that password as many times as I like
  • Hopefully your luck is better than mine and those username / pass credentials work the first time, mine took a bunch of tries

So I’m able to access my server using that process - but doesn’t entirely solve my problem. I’m still being asked for a password when I try to ssh in from my OS terminal. And my new password ONLY works in the web console, it does not work when I’m asked for a password from my OS. I’m not sure whats going on, I’m almost tempted to destroy my droplet, lose all my work and start fresh. Already lost an entire day over this. Hopefully the above atleast gets someone else access to their VPS.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more