Whilst trying to reboot a stubborn server I couldn’t reach from the admin panel, I noticed with nmap that there is an extra port 60910 that appears to be opened on my droplet. However I can only see this port externally and not from within the droplet itself.

From inside droplet:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:18 EST
Nmap scan report for example.com (xxx.xxx.xxx.xxx)
Host is up (0.00090s latency).
Not shown: 65529 closed ports
PORT      STATE SERVICE
25/tcp    open  smtp
80/tcp    open  http
443/tcp   open  https

From outside droplet:

Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:00 EST
Nmap scan report for example.com (xxx.xxx.xxx.xxx)
Host is up (0.038s latency).
Not shown: 65528 filtered ports
PORT      STATE SERVICE
25/tcp    open  smtp
80/tcp    open  http
443/tcp   open  https
60910/tcp open  unknown

It appears to be an SSH daemon running on that port since it asks me to confirm an ED25519 key fingerprint, but does not accept the private key I have set up on my droplet’s usual SSH port.

I attempted to find documentation on this but couldn’t find any. I’m assuming this is used for maintenance on the hypervisor, but wanted to know exactly what it was used for and make sure that others can’t use that to access my droplet without my knowledge?