ssh Private Keys

Noob here.

I set up my droplet over a years ago, and followed instructions to set up private key for ssh. If I recall correctly, it seemed to work fine. I have not accessed my droplet in several (many) months.

When I access now thru my user account (not root), it prompts me for a pwd and allows me to login. In the user’s .ssh directory the is an “authorized_key” file with what appears to me a key saved in it. My understanidng from reading on DO’s help forum is that the ssh keys are meant to work in lieu of root password log on, and that if I am logging on as user (not root) I should not be promoted for a paraphrase. So, I assume that there shouldn’t be any key info in the .ssh directory for the user.

When I access my account thru root, I am prompted for my root pwd (no the paraphrase) and am allowed to login as root. In the root’s .ssh directory, however, there is an authorized_key" file but it is empty.

Moreover, on my local machine, the only “private certificate” is one that I recent generated for another website (not my DO droplet). There doesn’t seem to be a “private certificate” my DO droplet.

Should I just start over as far as adding the ssh key?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

A few follow up questions:

  1. Shouldn’t there be a “id_rsa” file (a private key) on my local machine? There is not.

  2. The “authorized_keys” file in the .ssh of my root is empty. The file is there, but nothing is in it. The “authorized_keys” file in the .ssh of my user does have what apprears to be a key in it.

I am not sure how to tell if the key is working. That is, the is no private key in on my local machine, but I can login nevertheless. Shouldn’t I be prevented since there is public key on my DO drplot, but no private key on my local machine?

Thanks in advance.

You have to manually disable password authentication after setting up key based authentication.