Question

Permission denied (publickey) when setting up second SSH keys

I have a droplet that works with SSH but the keys are named the default id_rsa. When I add new keys they do not work. I’ve copied and pasted the public key into the digital ocean control panel in the working droplet. In the non-working droplet I tried this, as well as going ssh-copy-id root@206.***.***.104 but even this comes back as denied.

I know the permission are okay since the app with the default key names work.

I’ve tried simply naming them id_rsa2 and id_rsa_sinatra, but this does not work.

I tried to add the path to the private key ssh -i /Users/me/.ssh/id_rsa2 root@206.***.**104. No dice.

I’ve tried adding a config file to the SSH folder as follows (I am not at all confident that this is correct. It is scavenged from other posts):

Host sinatra_app
  HostName 206.***.***.*04
  AddKeysToAgent yes
  UseKeychain yes
  User root
  PubKeyAuthentication yes
  IdentityFile  ~/.ssh/id_rsa2
  User ****
  IdentitiesOnly yes

Using ssh -v root@888.000… I get this:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to 206.***.***.104 port 22.
debug1: Connection established.
debug1: identity file /Users/me/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/me/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 206.***.***.104:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:AfTvjUf8r80AyTpEkhrPShNm7viLZNwj0/lIlKxPM5E
debug1: Host '206.***.***.104' is known and matches the ECDSA host key.
debug1: Found key in /Users/me/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:Ga8Ww/neSf7llHCfb3r6171pNb0RKyKVzdYFanRAo6o /Users/me/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/me/.ssh/id_dsa
debug1: Trying private key: /Users/me/.ssh/id_ecdsa
debug1: Trying private key: /Users/me/.ssh/id_ed25519
debug1: No more authentication methods to try.
root@206.***.***.104: Permission denied (publickey).``` 

I'm stumped.
Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hello, @deltar7

I would also like to give this tutorial on how to add ssh keys to existing droplet:

https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/to-existing-droplet

You can always use the console from the control panel and add your keys from there in case you’re experiencing the error:

Permission denied (publickey)

Regards, Alex