SSH connection time out after creating droplet

Hi everyone,

I’m trying to write a provisioning and deployment script for a java application on debian 9.

My provisioning .sh script looks like this :

doctl compute droplet create DocumentationApplicationDroplet --image debian-9-x64 --region sfo2 --size 512mb --ssh-keys 9c:00:ec:04:9a:ed:74:fc:63:da:97:56:36:cb:88:8a --format ID > result.txt

export DROPLET_ID=`tail -1 result.txt`
export DROPLET_IP=`doctl compute droplet get $DROPLET_ID --format PublicIPv4 | tail -1`

ssh root@$DROPLET_IP "apt-get update"

When I run this script it creates a Debian-9 droplet that I can see on the website. But once the droplet is made and the apt-get command gets executed I get ssh: connect to host port 22: Connection timed out The IP you can see is the correct IP that I can also see on the website.

I have also created a new .sh script that looks like this : ssh root@IP_of_my_droplet “apt-get update”

where the IP_of_my_droplet is the same as the one I can see on the website and DROPLET_ID.

When I run this script, it works and apt-get update command gets executed on my droplet.

Any idea what the problem is here?

Kind regards, Simon

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

@kamaln7 described your problem very well — this behavior is expected, as your Droplet takes some time to provision, so it takes some time for OpenSSH server to get started.

I would just add an unrelated thing that could help you — depending on your script, you can use the user-data feature to execute the script (in your case the apt-get update command) on Droplet’s provision time. There’s also DigitalOcean Metadata API that you can use from your Droplet and the user-data script to obtain basic information about your Droplet.

You can take a look at the An Introduction to Droplet Metadata tutorial if you want to learn more about the user-data feature.

Also, the doctl has the ssh command that you can use to SSH to your Droplet or remotely execute commands. You can learn more about it by executing the doctl compute ssh --help command or by taking a look at the SSH portion of doctl tutorial. This will not solve your problems, but if your Droplet has unique name, you don’t need the DROPLET_ID and DROPLET_IP commands.

Hello there,

As mentioned the IP address of the droplet is returned before the droplet has booted and started all services. You can use doctl as mentioned by Kamal and check for the droplet status, once active you can continue with the rest of your scripts.


The IP address is assigned to your Droplet before it is actually created and is returned through the API response then. It takes a few seconds until the Droplet is created, booted up, and the OpenSSH server is started, so that’s most likely why you are seeing that error.

One option would be looping over doctl compute droplet get $DROPLET_ID --format Status until it is active, then checking whether port 22 is open every few seconds, and only then SSHing into it. This would add a delay until the Droplet is created (status set to active) and the OpenSSH server is started (port 22 is open).