Hi, when I create droplets I use the existing functionality provided on the website to automatically add ssh keys to the new server.
I can see my keys are added under /root/.ssh/authorized_keys. That works fine.
However, I have noticed that the /etc/ssh folder has some of its own default keys which I never put there.
I cannot delete them because the sshd config defaults to them.

```
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
```

At the same time I cannot change the config to point to /root/.ssh/authorized_keys file as it complains about invalid format.
I could not find any documentation explaining the scenario. https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/to-existing-droplet/
Hi there @philippe15,
You should not really change the HostKey values in sshd_config to point to the /root/.ssh folder, as the /root/.ssh folder contains your client keys.
The keys that you are seeing in /etc/ssh/ssh_host_<rsa/dsa/ecdsa/ed25519>_key are the host keys. Those host keys are generated automatically by OpenSSH when the server first boots.
For more information on how the SSH Host Keys work I recommend checking out the official documentation here:
https://www.ssh.com/ssh/host-key
Hope that this helps. Regards, Bobby
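
Added example (not part of the original thread, and not DigitalOcean or OpenSSH code): a small audit that resolves the effective HostKey paths from an sshd_config and checks that each one holds a private key rather than a list of public keys, which is the format mismatch behind the "invalid format" complaint in the question. The function names and the sample file contents are assumptions constructed for illustration.

```python
import re

# Defaults from the commented-out lines quoted in the question; sshd uses its
# built-in defaults when no HostKey directive is active.
DEFAULT_HOST_KEYS = ["/etc/ssh/ssh_host_rsa_key", "/etc/ssh/ssh_host_ecdsa_key",
                     "/etc/ssh/ssh_host_ed25519_key"]
# One authorized_keys entry: [options] keytype base64 [comment]
PUBKEY_LINE = re.compile(
    r"^(?:\S+\s+)?(ssh-(?:rsa|ed25519|dss)|ecdsa-sha2-\S+|sk-\S+)\s+[A-Za-z0-9+/=]+")

# Constructed sample contents, not real key material.
SAMPLE_PRIVATE = ("-----BEGIN OPENSSH PRIVATE KEY-----\n"
                  "CONSTRUCTEDPLACEHOLDER\n"
                  "-----END OPENSSH PRIVATE KEY-----\n")
SAMPLE_AUTHORIZED = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyData me@laptop\n"

def active_host_keys(config_text):
    """Return the HostKey paths in effect: active directives, else the defaults."""
    paths = []
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)  # drop comments
        if len(parts) == 2 and parts[0].lower() == "hostkey":  # keywords are case-insensitive
            paths.append(parts[1].strip())
    return paths or list(DEFAULT_HOST_KEYS)

def classify(content):
    """Classify key material by its textual format."""
    lines = [l.strip() for l in content.splitlines() if l.strip()]
    if lines and re.match(r"^-----BEGIN (?:\w+ )?PRIVATE KEY-----$", lines[0]):
        return "private-key"
    keys = [l for l in lines if not l.startswith("#")]
    if keys and all(PUBKEY_LINE.match(l) for l in keys):
        return "public-keys"
    return "unknown"

def audit(config_text, files):
    """Map each effective HostKey path to a finding; `files` maps path -> content."""
    findings = {}
    for path in active_host_keys(config_text):
        if path not in files:
            findings[path] = "missing"
        else:
            kind = classify(files[path])
            findings[path] = "ok" if kind == "private-key" else f"invalid format ({kind})"
    return findings

if __name__ == "__main__":
    bad_config = "HostKey /root/.ssh/authorized_keys\n"  # the change attempted in the question
    print(audit(bad_config, {"/root/.ssh/authorized_keys": SAMPLE_AUTHORIZED}))
```
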