Question

Root login to work with password, ONLY from virtual-server-based/KVM console

Posted January 15, 2019 639 views
Linux Basics Ubuntu Security DigitalOcean Linux Commands

I want to be able to:

  • login via remote SSH as root, ONLY with ssh-key pair
  • login via DigitalOceans KVM/Virtual-shell as root, with password

I do not see how else I can use ssh-key pair on the root account and still get the benefit of being able to login via Digital Oceans virtual Console that they give in their browser.

Add a comment
nyeates1
By:
nyeates1
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
Mohsen47 January 15, 2019

@nyeates1

If you have setup a ssh key pair on Digital Ocean and used it when creating the droplet, then your SSH is configured to only accept public key authentication for your root user and no password is assigned to root, to set it up login via ssh as root and issue this command passwd to change password.

If you did not use a key pair when creating the droplet, then a password will be generated for root account and you change it when logging in for the first time, here you need to do the following to disable using passwords when connecting with SSH:

  • First create a key pair on you laptop -if you do not have one- with this command ssh-keygen
  • Copy the public key to your droplet with this command ssh-copy-id root@<droplet_ip>.
  • Disable SSH access using password by setting this option PasswordAuthentication no in /etc/ssh/sshd_config.
  • Make sure public key authentication is setup with this option PubkeyAuthentication yes
  • Restart ssh with this command sudo service ssh restart

Now you can access your droplet over SSH with your public key as root and login to KVM console as root with your password.

Hope this helps.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help