Petros Kyriakoupersonal blog

I am a full stack web developer. Love tinkering all the time, especially anything javascript related.

How to add a secondary SSH key to a droplet in digitalocean

April 08, 2019

These days, I am investing a lot of time, into taking the project I was working for months in production. If you are interested the project is called Bookis and its platform helping appointment-based businesses to manage their customers, book appointments, automatic reminders - all in one place.

Anyway, I took some time to figure out which cloud provider to use and after fiddling with AWS and realising like many others that AWS is expensive and complex for a one-man team, I decide to work with DigitalOcean as I have done in the past.

You might be wondering where I am going with this? I stumbled upon an issue where I wanted to login to one of my servers(called droplets) from another computer but since I disabled password login I needed to add the ssh key of the computer I was using to the server so I login in.

So first, I needed to figure out how I can login to the same account on the same server using two ssh keys which I could use interchangeably. After googling around, I found people having the same issue and other people giving answers. However, I found the answers incomplete, and did not work in my case.

Enabling password login

The first thing I needed to overcome, was to be able to login using a password. To do that, I needed to login to my server using root account, from the digitalocean console as I was away from the pc that had the authorized ssh key hence I had to login using another way.

After login you need to edit the file used for the ssh config

nano /etc/ssh/sshd_config

In there you need to find where it says PasswordAuthentication no and turn that to PasswordAuthentication yes

Restart sshd service

service sshd restart

ssh-copy-id

With password login now enabled, the steps are few now. All I had to do was use the ssh-copy-id (for a windows solution check here) as follows:

ssh-copy-id <user>@<ip>

Make sure you use the correct user here to avoid polluting authorized_keys file without reason.

Verify that you can now login

ssh <user>@<ip>

Cleanup

After you are done revert PasswordAuthentication no and restart the sshd service

Conclusion

It is quite easy to add a new SSH key to your server but if you have any other circumstances you can also check here for solutions. Also digitalocean has an article, however it did not fit my case either