landed
By:
landed

Should I create a new SSH key

May 15, 2017 75 views
WordPress Ubuntu 16.04

I already have quite a few SSH keys and wanted to reuse them - is this an ok idea?
Before I spun up a droplet in my new DO account I was given the option to create a key. But I am now asked when creating my first droplet to add another key. So if I dont add a key at this stage is it possible to add later? I read somewhere that you cant add keys after spinning up. But how does that sound right if I needed to give SSH access to another dev??

Sorry for the noob question.

I am also thinking that we should not be deleting droplets lightly as everything will disappear. Is there a chance this could happen and loose the entire data of websites on the droplet?

Thanks

2 Answers
hansen May 15, 2017
Accepted Answer

Hi @landed

It a very good question - not noob at all.

Think of keys as extremely advanced passwords. You never want to re-use a password anywhere either. So create new keys - it's better to do it one time more than one time less, just like renewing passwords.

I'm not sure which stage you're referring to, but it's possible to switch to keys at any point - and switch back to password-only if needed.

There are many tutorials on setting up SSH - I'm just going to link to one:
https://www.digitalocean.com/community/tutorials/how-to-create-ssh-keys-with-putty-to-connect-to-a-vps

As for your question about droplet deletion. As long as you don't give access to the DigitalOcean control panel, then no-one can delete your droplet.
That being said, if someone gets access to a SSH key and access your server, they can do a lot of damage. Or if there is a security hole in a plugin/theme, then your entire site could be deleted.
So a general rule, make sure everything is up-to-date - both entire WordPress, but also Ubuntu and all the services.
And have backups - not just one, but multiple backups in different locations.

by Pablo Carranza
This tutorial runs through creating SSH keys with PuTTY to connect to your virtual server.

Thank you - I decided to delete the main key and make a new one just for DO. I deleted the one set in my account settings so that I could add it to my first droplet. That saves me doing that later.
I understand much more now thanks.

Have another answer? Share your knowledge.