Should I create a new SSH key

I already have quite a few SSH keys and wanted to reuse them - is this an ok idea? Before I spun up a droplet in my new DO account I was given the option to create a key. But I am now asked when creating my first droplet to add another key. So if I dont add a key at this stage is it possible to add later? I read somewhere that you cant add keys after spinning up. But how does that sound right if I needed to give SSH access to another dev??

Sorry for the noob question.

I am also thinking that we should not be deleting droplets lightly as everything will disappear. Is there a chance this could happen and loose the entire data of websites on the droplet?



Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Hi @landed

It a very good question - not noob at all.

Think of keys as extremely advanced passwords. You never want to re-use a password anywhere either. So create new keys - it’s better to do it one time more than one time less, just like renewing passwords.

I’m not sure which stage you’re referring to, but it’s possible to switch to keys at any point - and switch back to password-only if needed.

There are many tutorials on setting up SSH - I’m just going to link to one:

As for your question about droplet deletion. As long as you don’t give access to the DigitalOcean control panel, then no-one can delete your droplet. That being said, if someone gets access to a SSH key and access your server, they can do a lot of damage. Or if there is a security hole in a plugin/theme, then your entire site could be deleted. So a general rule, make sure everything is up-to-date - both entire WordPress, but also Ubuntu and all the services. And have backups - not just one, but multiple backups in different locations.

Thank you - I decided to delete the main key and make a new one just for DO. I deleted the one set in my account settings so that I could add it to my first droplet. That saves me doing that later. I understand much more now thanks.