If I try to connect using SSH client to my droplet, I get the following message.
**‘Permission Denied (Public Key)’ **
I have been relying on Access Console option in the Web console to access my droplet and push my updates. I would like to SSH to my Droplet. I have been able to do the same with my other accounts.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Greetings!
I don’t blame you, the web console is really best saved for emergency situations. SSH will likely always be the more friendly protocol for this.
The simple version of the error is this: Password login is disabled, and your SSH client is not loading a private key that has been accepted by the server for login.
If you created your droplet with an SSH key but do not use that key, we disabled password login for you. Otherwise, it’s still disabled, just not sure who did it :)
You’ll want to edit /etc/ssh/sshd_config over the web console, and look for things like this:
PermitRootLogin no
PasswordAuthentication no
It could be any combination of that, but you want both of them to be set to “yes” instead. When finished, restart SSH:
Debian / Ubuntu:
systemctl restart ssh
CentOS / Fedora:
systemctl restart sshd
Now you should be able to log in using your password. Keep it secure. There’s an xkcd for that: https://xkcd.com/936/
Jarland
Hello there,
You can check our article on How to Upload an SSH Public Key to an Existing Droplet
https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/to-existing-droplet/
You can access the droplet from the DigitalOcean console and then temporary enable the PasswordAuthentication on your droplet and access the droplet with a password to upload the ssh-key.
If you haven’t created new pair of keys you’ll need to do that first.
You can enable PasswordAuthentication for your Droplet by modifying your /etc/ssh/sshd_config file. Once set to Yes restart the SSH service and connect via an SSH client for a more stable connection. You can then modify your ~/.ssh/authorized_keys file to add the appropriate public key.
This change can be made from the DigitalOcean’s console. If you’re having issues accessing the console you can then reach to our amazing support team that can help you further with this.
To enable the PasswordAuthentication follow these steps:
- Login to the console on the DigitalOcean website.
- Type
sudo nano /etc/ssh/sshd_config - Change
PasswordAuthenticationfrom “no” to “yes” and save the file - Open a terminal on your computer and type ssh username@[hostname or IP address] or if on a Windows box use PuTTY for password login making sure authentication parameters aren’t pointing to a private key
- Login with a password
- Type
sudo nano ~/.ssh/authorized_keys - Paste public key text here and save the file
- Type
sudo nano /etc/ssh/sshd_config - Change
PasswordAuthenticationfrom “yes” to “no” and save the file - Log out and attempt to log back in (if using PuTTY make sure you set up auth parameters to point to your private key)
You can then upload the key using this command:
ssh-copy-id -i ~/.ssh/mykey user@droplet
Hope that this helps! Regards, Alex
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.