radar1
By:
radar1

Login credentials work over ssh, but not for DO console.

June 30, 2016 617 views
DigitalOcean

My login credentials for root and user accounts work when I ssh in, but none of my credentials work (for any account) if I access the droplet from the Digital Ocean console.

3 Answers

While logged in as root using ssh, set the password for root or the account you are using with the DO console.

#enter password when prompted
passwd user_name_or_root

For more info, read the tutorial on setting up ssh

SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
  • Is there a way to do it without resetting every user account? That's not really worth the hassle for me; I'll just continue accessing through ssh. I'm also curious as to why the issue is happening in the first place--I was wondering if a firewall setting was somehow interfering w/ the DO console.

    • @radar1 - I recommend access to the DO console be limited only to root and the droplet maintainer. For all other login access, you should be using SSH only (no password prompting, just verification of SSH keys). The link above shows you how to turn off ssh login password prompting. This is a recommended security measure to reduce brute force password guessing with ssh, since passwords are short and private+public keys are longer and more secure.

      SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
      • My ssh is set up properly; I'm not prompting for ssh passwords. I'm also not accessing the droplet via the console as a matter of routine. I tried to log in via the console to ensure that I could access the droplet in an emergency, even without ssh access, and I couldn't; now I'm curious as to whether that's a configuration issue on my side or on DigitalOcean's side.
        To clarify the original question: my passwords work for all accounts (including root) if I log into the droplet via ssh and use 'su' commands to log into each account. No credentials work from the console log in screen. I just want to make sure I can access my server w/o ssh in an emergency.

I guess the answer from gnd, very helpful.

The answer was pretty dumb: the DO console does not allow pasting into the terminal. I use very long random strings for acct passwords, and paste into the password field. Manually entering works, and once in I was able to open an editor and try pasting random bits of text. No dice.

https://www.digitalocean.com/community/questions/copy-and-paste-into-console

Have another answer? Share your knowledge.