Question

SSH from to a droplet from a new client machine

There are lots of questions almost like this one, but not quite the same (or not that I’ve found). I am trying to ssh into my droplet. Ages ago I set up my droplet with the right keys so I did not need a password. That works just fine, even now I can ssh into the droplet just fine. So what’s the problem? Well, I’m setting up a new machine and copying everything from my old machine over. The new machine doesn’t let me log in. I’ve checked the permissions of the various files in my ~/.ssh directory and they look fine. Next I ran ssh -v and recorded the output on both the old machine (which works) and the new machine (which doesn’t). It is quite long but I looked through to find the differences. Down near the end the old (working) machine looks like this:

debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:<long string> /home/roger/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA SHA256:<long string> /home/roger/.ssh/id_rsa_docean
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
```

Whereas the new machine looks like this:

```
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/roger/.ssh/id_rsa RSA SHA256:<long string> agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: roger@benedict RSA SHA256:<long string> agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: roger.parkinson35@gmail.com RSA SHA256:<long string> agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: roger@benedict RSA SHA256:<long string> agent
debug1: Server accepts key: roger@benedict RSA SHA256:<long string> agent
sign_and_send_pubkey: signing failed for RSA "roger@benedict" from agent: agent refused operation
```

The important difference, I think, is that the old machine does an `'offering public key ... .ssh/id_rsa_docean'` and the new one does not. I do recall putting key information into that file when I set this up ages ago. The file is present on the new machine gut it isn't using it. Instead it tries several other things and eventually fails.

The new machine is using a different version of ssh, so maybe my old files aren't compatible with the new version. I feel if I could just tell it about the key file it would probably work. But I haven't found how to do that.

Thanks for any help.

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
October 24, 2020
Accepted Answer

Hi there @rogerparkinson,

There are a couple of things that you could do:

  • Option 1: When running the ssh command specify your SSH key with the -i flag:
  1. ssh -i ~/.ssh/id_rsa_docean your_user@your_server
  • Option 2: Add the following information to your ~/.ssh/config:
Host your_server_ip
    IdentityFile ~/.ssh/id_rsa_docean
    User your_user
    IdentitiesOnly yes
  • Option 3: If you do not have any other SSH keys on your machine, rename the ~/.ssh/id_rsa_docean file to ~/.ssh/id_rsa so that it is the default key used when you try to SSH

Hope that this helps! Regards, Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel