How to SSH into a DigitalOcean Droplet

Using SSH, you can perform command-line operations, install software, and configure your server without needing physical access. This will walk you through the steps to SSH into your DigitalOcean Droplet.

Prerequisites to SSHing into a Droplet

Click here for free DigitalOcean credit

• A DigitalOcean Droplet: An active Droplet running a Linux distribution like Ubuntu.
• SSH Client Software:
  • For macOS and Linux: Terminal application (built-in).
  • For Windows: PuTTY or Windows Terminal (Windows 10/11).
• Droplet’s IP Address: Obtainable from the DigitalOcean Control Panel.
• SSH Key Pair (Recommended): Public and private SSH keys for authentication.

Step 1: Retrieve Your Droplet’s IP Address

1. Log in to your DigitalOcean Control Panel.
2. Navigate to the Droplets section.
3. Find your Droplet in the list and note its public IP address.

Step 2: Install an SSH Client (If Necessary)

• Windows Users:
  • Option 1: Use PuTTY
    • Download PuTTY from the official website.
    • Install the application following the on-screen instructions.
  • Option 2: Use Windows PowerShell or Command Prompt
    • Windows 10 and later versions come with OpenSSH installed.
• macOS and Linux Users:
  • No action needed; the Terminal application has SSH capabilities built-in.

Step 3: Connect via SSH Using Password Authentication

Note: Password authentication is less secure than using SSH keys. It’s recommended only for initial setup or if SSH keys are not an option.

• Open your SSH client.
• Run the following command, replacing your_ip_address with your Droplet’s IP:
• bash
• Copy code
• ssh root@your_ip_address
• When prompted, enter the root password sent to you by DigitalOcean via email.

Step 4: Connect via SSH Using SSH Keys (Recommended)

a. Generate SSH Key Pair (If You Haven’t Already)

• On macOS/Linux:
• bash
• ssh-keygen -t rsa -b 4096
  • Save the SSH keys in the default location (~/.ssh/id_rsa).
  • You can add a passphrase for extra security.
• On Windows Using PuTTYgen:
  • Open PuTTYgen and click Generate.
  • Move your mouse around to create randomness.
  • Save the public and private keys.

b. Add Your Public Key to DigitalOcean

• In the DigitalOcean Control Panel, go to Account > Security.
• Under SSH Keys, click Add SSH Key.
• Paste your public key (found in ~/.ssh/id_rsa.pub or generated by PuTTYgen).
• Give it a recognizable name and save.

c. Deploy a Droplet with Your SSH Key

• When creating a new Droplet, select your SSH key under the Authentication section.
• If you’re adding the key to an existing Droplet, you’ll need to manually add it to the ~/.ssh/authorized_keys file on the server.

d. Connect to Your Droplet Using SSH Key Authentication

• Open your SSH client.
• Run the following command:
• bash
• ssh root@your_ip_address
• If you set a passphrase for the SSH key, you’ll be prompted to enter it.

Step 5: Verify the Connection

• Once connected, you should see a welcome message and it will change to indicate you’re logged into the Droplet.
• You can run a test command, like:
• bash
• ls

Troubleshooting

• Connection Refused: Ensure the Droplet is running and the IP address is correct.
• Permission Denied: Check that your SSH keys are correctly set up and that permissions on the .ssh directory are secure (chmod 700 ~/.ssh and chmod 600 ~/.ssh/authorized_keys).
• Firewall Issues: Make sure that port 22 is open in your Droplet’s firewall settings.

Next Steps

• Create a Non-Root User: For better security, create a new user that has sudo privileges, and then disable root login.
• Configure a Firewall: Use ufw to set up a firewall and allow only necessary ports.
• Set Up SSH Key-Based Authentication Only: Disable password authentication to enhance security.