Root Password for VPS created with Predefined SSH Keys

October 11, 2016 3.5k views
DigitalOcean Getting Started Security Ubuntu 16.04
jeffcocking
By:
jeffcocking

A DO article states:

When you create a new VPS, you can choose to include that public key on the server. No root password will be emailed to you and you can log in to your new virtual private server from your chosen client. If you created a passphrase, you will be prompted to enter that upon login. (https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys–2)

The problem is the DO Droplet Console requires a root password.

  1. How do you get the root password?
  2. Other available work arounds?

thank you

Log In to Comment
3 Answers
jeffcocking October 11, 2016
Accepted Answer

Here are the steps taken to resolve this issue based on ryanpq’s response.

  1. Update your SSH to not require a password. This will require the following file be edited: /etc/ssh/sshd_config The parameter for PasswordAuthentication should be commented out and set to yes. This will need to be uncommented and changed to no.

Should read:

#PasswordAuthentication yes

Change to:

PasswordAuthentication no

After saving changes, restart ssh

service ssh restart
  1. Now add a password to the root userid. Enter the following command: passwd The command will prompt you for the new password and a duplicate new password to validate.

Now you can access the console from the droplet menu and have passwordless access via SSH.

Reply
xMudrii October 11, 2016

Edit - follow this only if you can’t access SSH, if you can SSH follow @ryanpq answer

As you said when you create Droplet with public key included, root password will not be emailed. Without root password you can’t login into console.
There is one workaround:

Go to DO Control Panel. Select your Droplet.
From right menu select Access option.
On that page you will have Reset root password button. Click on it, it will power off your Droplet and root password will be emailed to you.

With that password you can use console to login with
username: root
password: emailed one

Warning: it will power off your Droplet before resetting root password, so some downtime will occur. Process usually lasts only few seconds

Reply
ryanpq MOD October 11, 2016

With a droplet using ssh-keys you will need to log in via ssh with your key the first time. You can then run passwd to set a password for the root user. As long as your ssh configuration doesn’t allow for password authentication you can use the password you created to access the console (your droplet sees this as a local keyboard and display) but not to create a remote ssh connection.

Reply
Have another answer? Share your knowledge.

Related Questions