You should only need to setup
.ssh for individual users. The
root user already has this directory on Ubuntu –
~/.ssh – and it’s permissions are already set.
So what you need to do depends on who you’re trying to set the SSH Key up for.
root, you’d generate a key pair locally and add the public key to
~/.ssh/authorized_keys. You’d then use the private key to log in.
For example, I’m on MacOS, so I’d open up Terminal and run:
ssh-keygen -a 500 \
-b 4096 \
-C "" \
-E sha256 \
From there, I’ll be prompted to set a location for storing the keys generated by the command, so I’ll provide a path and name. You’ll then be prompted for a passphrase and asked to confirm.
Once the key is saved locally, you can then
cat it locally and then copy and paste it to the server or us the
ssh-copy-id command. I normally copy and paste :-).
If you’re setting up SSH Keys for non-
root users, you need to make sure the user is setup properly.
mkdir -p /home/mynewuser/.ssh
useradd -d /home/mynewuser mynewuser
chmod 700 /home/mynewuser/.ssh
chmod 644 /home/mynewuser/.ssh/authorized_keys
chown -R /home/mynewuser
chown root:root /home/mynewuser
Now that the new user is setup, you can copy the public key to the users
The public key doesn’t need to exist anywhere other than in the
authorized_keys file on the Droplet. The private key should not be uploaded at all, instead, only used locally to connect.