Login credentials work over ssh, but not for DO console.

Question

My login credentials for root and user accounts work when I ssh in, but none of my credentials work (for any account) if I access the droplet from the Digital Ocean console.

Answer 1

gndo June 30, 2016

While logged in as root using ssh, set the password for root or the account you are using with the DO console.

#enter password when prompted
passwd user_name_or_root

For more info, read the tutorial on setting up ssh

How To Configure SSH Key-Based Authentication on a Linux Server

by Justin Ellingwood

by Brian Boucheron

SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.

Reply Report

radar1 June 30, 2016

Is there a way to do it without resetting every user account? That’s not really worth the hassle for me; I’ll just continue accessing through ssh. I’m also curious as to why the issue is happening in the first place–I was wondering if a firewall setting was somehow interfering w/ the DO console.
Reply Report
- gndo June 30, 2016
  
  @radar1 - I recommend access to the DO console be limited only to root and the droplet maintainer. For all other login access, you should be using SSH only (no password prompting, just verification of SSH keys). The link above shows you how to turn off ssh login password prompting. This is a recommended security measure to reduce brute force password guessing with ssh, since passwords are short and private+public keys are longer and more secure.
  
  How To Configure SSH Key-Based Authentication on a Linux Server
  by Justin Ellingwood
  by Brian Boucheron
  SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
  
  Reply Report
  
  radar1 June 30, 2016
  
  My ssh is set up properly; I’m not prompting for ssh passwords. I’m also not accessing the droplet via the console as a matter of routine. I tried to log in via the console to ensure that I could access the droplet in an emergency, even without ssh access, and I couldn’t; now I’m curious as to whether that’s a configuration issue on my side or on DigitalOcean’s side.
  To clarify the original question: my passwords work for all accounts (including root) if I log into the droplet via ssh and use ‘su’ commands to log into each account. No credentials work from the console log in screen. I just want to make sure I can access my server w/o ssh in an emergency.
  
  Reply Report

Answer 2

radar1 June 30, 2016

Is there a way to do it without resetting every user account? That’s not really worth the hassle for me; I’ll just continue accessing through ssh. I’m also curious as to why the issue is happening in the first place–I was wondering if a firewall setting was somehow interfering w/ the DO console.
Reply Report
- gndo June 30, 2016
  
  @radar1 - I recommend access to the DO console be limited only to root and the droplet maintainer. For all other login access, you should be using SSH only (no password prompting, just verification of SSH keys). The link above shows you how to turn off ssh login password prompting. This is a recommended security measure to reduce brute force password guessing with ssh, since passwords are short and private+public keys are longer and more secure.
  
  How To Configure SSH Key-Based Authentication on a Linux Server
  by Justin Ellingwood
  by Brian Boucheron
  SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
  
  Reply Report
  
  radar1 June 30, 2016
  
  My ssh is set up properly; I’m not prompting for ssh passwords. I’m also not accessing the droplet via the console as a matter of routine. I tried to log in via the console to ensure that I could access the droplet in an emergency, even without ssh access, and I couldn’t; now I’m curious as to whether that’s a configuration issue on my side or on DigitalOcean’s side.
  To clarify the original question: my passwords work for all accounts (including root) if I log into the droplet via ssh and use ‘su’ commands to log into each account. No credentials work from the console log in screen. I just want to make sure I can access my server w/o ssh in an emergency.
  
  Reply Report

Answer 3

lutfimove June 30, 2016

I guess the answer from gnd, very helpful.

Reply Report

Answer 4

radar1 June 30, 2016

The answer was pretty dumb: the DO console does not allow pasting into the terminal. I use very long random strings for acct passwords, and paste into the password field. Manually entering works, and once in I was able to open an editor and try pasting random bits of text. No dice.

https://www.digitalocean.com/community/questions/copy-and-paste-into-console

Reply Report

Related

Question

Login credentials work over ssh, but not for DO console.

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

Login credentials work over ssh, but not for DO console.

Related

Leave a comment

Related

question

Does DigitalOcean preserve snapshots of deleted droplets?

question

Is there a DigitalOcean Free Trial Available?

question

Price difference for: (a) One droplet with multiple domains, and (b) multiple droplets, with the exact same combined usage between a & b

question

What is Cloud Hosting?

Looking for something else?