@sshjerk
You should only need to setup .ssh
for individual users. The root
user already has this directory on Ubuntu – ~/.ssh
– and it’s permissions are already set.
So what you need to do depends on who you’re trying to set the SSH Key up for.
…
For root
, you’d generate a key pair locally and add the public key to ~/.ssh/authorized_keys
. You’d then use the private key to log in.
For example, I’m on MacOS, so I’d open up Terminal and run:
ssh-keygen -a 500 \
-b 4096 \
-C "" \
-E sha256 \
-o \
-t rsa
From there, I’ll be prompted to set a location for storing the keys generated by the command, so I’ll provide a path and name. You’ll then be prompted for a passphrase and asked to confirm.
Once the key is saved locally, you can then cat
it locally and then copy and paste it to the server or us the ssh-copy-id
command. I normally copy and paste :-).
…
If you’re setting up SSH Keys for non-root
users, you need to make sure the user is setup properly.
mkdir -p /home/mynewuser/.ssh
touch /home/mynewuser/.ssh/authorized_keys
useradd -d /home/mynewuser mynewuser
chmod 700 /home/mynewuser/.ssh
chmod 644 /home/mynewuser/.ssh/authorized_keys
chown -R /home/mynewuser
chown root:root /home/mynewuser
Now that the new user is setup, you can copy the public key to the users authorized_keys
file.
…
The public key doesn’t need to exist anywhere other than in the authorized_keys
file on the Droplet. The private key should not be uploaded at all, instead, only used locally to connect.