I was recently in the situation where I needed to add an ssh-key to a Digital Ocean droplet. This happened because I had created the droplet without supplying the
ssh-keys argument to the
doctl command. It would be easier to simply recreate the droplet, but I had already updated the DNS records, and didn’t want to wait for them to propagate again.
$ doctl compute droplet create <name> \ --region <region-slug> \ --image <image-slug> \ --size <size-slug> \ --ssh-keys <ssh-key-fingerprint>
Also simply for posterity’s sake, this is what I needed to do to create an ssh key-pair, transfer the public key to the droplet and activate it in the Linux environment.
On the local machine, if none exists generate a key-pair:
Follow the instructions.
Once the key-pair has been generated, two files will appear in the
~/.ssh-directory. Transfer the public key to the droplet:
$ scp ~/.ssh/id_rsa.pub root@$DROPLETIP:~
:~ at the end there. We need to specify where on the server we want to put the file. This tells
scp to throw it in the home directory.
Now that the public key has been transferred, login to the droplet:
$ ssh root@$DROPLETIP
Move the file into the
.ssh directory and rename it to
$ mv id_rsa.pub .ssh/authorized_keys
According to what I have read, ssh can be a bit picky about permissions, so we are supposed to lock down the file like this:
$ chmod 644 .ssh/authorized_keys
And likewise for the
$ ls -la .ssh -rw-r--r--
Lock down the directory:
$ chmod 755 .ssh/ drwxr-xr-x