Question

Login credentials work over ssh, but not for DO console.

Posted June 30, 2016 2.3k views
DigitalOcean

My login credentials for root and user accounts work when I ssh in, but none of my credentials work (for any account) if I access the droplet from the Digital Ocean console.

Add a comment
radar1
By:
radar1
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
gndo June 30, 2016

While logged in as root using ssh, set the password for root or the account you are using with the DO console.

#enter password when prompted
passwd user_name_or_root

For more info, read the tutorial on setting up ssh

How To Configure SSH Key-Based Authentication on a Linux Server
by Justin Ellingwood
SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
Reply Report
  • radar1 June 30, 2016

    Is there a way to do it without resetting every user account? That’s not really worth the hassle for me; I’ll just continue accessing through ssh. I’m also curious as to why the issue is happening in the first place–I was wondering if a firewall setting was somehow interfering w/ the DO console.

    Reply Report
    • gndo June 30, 2016

      @radar1 - I recommend access to the DO console be limited only to root and the droplet maintainer. For all other login access, you should be using SSH only (no password prompting, just verification of SSH keys). The link above shows you how to turn off ssh login password prompting. This is a recommended security measure to reduce brute force password guessing with ssh, since passwords are short and private+public keys are longer and more secure.

      How To Configure SSH Key-Based Authentication on a Linux Server
      by Justin Ellingwood
      SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
      Reply Report
      • radar1 June 30, 2016

        My ssh is set up properly; I’m not prompting for ssh passwords. I’m also not accessing the droplet via the console as a matter of routine. I tried to log in via the console to ensure that I could access the droplet in an emergency, even without ssh access, and I couldn’t; now I’m curious as to whether that’s a configuration issue on my side or on DigitalOcean’s side.
        To clarify the original question: my passwords work for all accounts (including root) if I log into the droplet via ssh and use ‘su’ commands to log into each account. No credentials work from the console log in screen. I just want to make sure I can access my server w/o ssh in an emergency.

        Reply Report
lutfimove June 30, 2016

I guess the answer from gnd, very helpful.

Reply Report
radar1 June 30, 2016

The answer was pretty dumb: the DO console does not allow pasting into the terminal. I use very long random strings for acct passwords, and paste into the password field. Manually entering works, and once in I was able to open an editor and try pasting random bits of text. No dice.

https://www.digitalocean.com/community/questions/copy-and-paste-into-console

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help