Today I’ve been want to create a web site for my gelecex.com domain and created a droplet on digitalocean. Everything was going well but when I want to connect to server via SSH got an error like “Permission denied (publickey)”. Firstly I tried create a new SSH key and save it on over digitalocean control panel, but nothings changed. Let’s begin with how can I created my ssh key what I’ve done?
Create SSH Key on Command Line
For creating SSH Key open command line and write the following command;
ssh-genkey
and run it. There is a command appeared like;
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/obetron/.ssh/id_rsa):
waiting from you, a file name for creating key pairs. You can enter id_rsa or something like that.
Enter passphrase (empty for no passphrase):
Now asking to you a passphrase for key pairs. You can enter a pass and
Enter same passphrase again:
Enter same pass again for verification. After that there will be an output like that;
Your identification has been saved in obetron.
Your public key has been saved in obetron.pub.
The key fingerprint is:
SHA256:aFgCLc7fL1ArDwQB87Stz9BBQR6hoLljDeTZMZ55VEY
obetron@Apple-MacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
|+o+**+oE |
|+**BB.. |
|o*+B=.. |
| .=oo=.. |
|o.o+ooo.S |
|.. +=.o |
| o= . |
| o . |
| . |
+----[SHA256]-----+
Now your key pair created with a name;
-rw------- 1 obetron staff 1896 Feb 1 13:04 obetron
-rw-r--r-- 1 obetron staff 417 Feb 1 13:04 obetron.pub
obetron is a private key and obetron.pub is a public key. You can edit and possibly broke you public key :)
Add Public Key to DigitalOcean
Now you can get the public key, don’t afraid it’s just copy and paste. Run the command;
cat ~/.ssh/obetron.pub
Public key value seen as something like that;
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFQjE63daTs0xXQscVQgmUhwc9ZqErdlsKM+Txg+FgNwQY+UkUK7NompO6lARSeucB/ghcOxwRSU/ZXKYCQSEOuitHuNQyiXKkhOJJOYbaEWoiq5OltK87bp4uK4V2U/rZOkVdX4Lb7ihEd6DHt02nf13ZwiqupxKOQb1Y53yKoCXyOF2AgG7Sc7B4i31iY/spBcpcJWMnXwaXuNItjMH4lJtxJ8RJ7C18fEFjtgCG4MeZi7X2C7HoAaABPUnp0rjlcP74sDr1HjWPDugYAbqkmzkuQI9a/F/WPHQxTVy2blOnVTULx+9Q5c7t2NE/3g8pKcJ1xfbH7EDPQHzYeztZ obetron@Apple-MacBook-Pro.local
Copy it, and open your digitalocean account and select your droplet and there is a Security tab on the left hand side.
Select Security tab and you can see Add SSH Key button.
Click on it, paste the public key content there, and give a name for this SSH Key like Home, Work, or macbook etc. Click SSH Key Button and now you can connect to your server via ssh from your terminal.
Now writing command like that;
ssh username@server_ip_address
But there is a problem, you got an error (if not, don’t need read the rest, you are lucky);
Permission denied (publickey)
Permission denied Problem Solution
First copy the your public key via command line with a command;
ssh-copy-id username@server_ip_address
But probably you can get a same error because you can not reach the server. If not you can try again connect server via ssh. You could find a some solutions from other sites. They say change the /etc/ssh/sshd_config;
sudo nano /etc/ssh/sshd_config
PermitRootLogin prohibit-password to PermitRootLogin yes
PasswordAuthentication no to PasswordAuthentication yes
This wasn’t work for me, I think you should try but if not, continue reading.
Last chance, I was edit the authorized_keys file directly from server. Connected to server via digitalocean gui command line tool with a root account. Select my droplet and clicked the Access link on the left hand side,
Clicked the Launch Console button.
Entered my username and pass and edit authorized_keys file;
vi ~/.ssh/authorized_keys
Delete content in authorized_keys file and copy and paste my own public key content. Then I tried to connect from my terminal I did it successfully.
You can solve this issue with another way, please write it down to commands.