SSH Key Permission Denied

Question

I'm trying to set up cloud hosting with Digital Ocean.

Please skip to the bold part with asterisks (***) for the actual problem. Everything below here, above that part is background info.

I need to generate an RSA key pair, so I navigate to my cd ~/.ssh/ directory, then:

ssh-keygen -t rsa

I already have existing id_rsa and id_rsa.pub files, so when prompted:

Enter file in which to save the key (/demo/.ssh/id_rsa):

I enter the following to create a new pair:

~/.ssh/id_cloudhosting

I'm then asked for a passphrase, which I simply press return for "no password":

Enter passphrase (empty for no passphrase):

I repeat the above for confirmation, and the final output looks as follows (just a demo image):

Now that I have two new files, id_cloudhosting and id_cloudhosting.pub I need to copy the contents of the public file to my Digital Ocean hosting 'Add SSH console'. I do that like so:

cat ~/.ssh/id_cloudhosting.pub

Which returns the contents of the file:

ssh-rsa 
bUnChOFcOd3scrambledABCDEFGHIJKLMNOPQRSTUVWXYZnowIknowmy
ABCnextTIMEwontyouSINGwithmeHODOR demo@a

I paste the key into my hosting console and it saves successfully.

The next step is where the permission issues start: ****************

I need to "spin up a new server" - step four from their docs. So I enter the following:

cat ~/.ssh/id_worker.pub | ssh root@[my.hosting.ip.address] "cat >> ~/.ssh/authorized_keys"

Which should copy the public key as root to a newly created file called authorized_keys

This step never gets created because I'm immediately asked for a password to my host. I didn't ever create one! I pressed return (or enter) at that point, so I do the same when prompted, and get permission denied!

root@[host.ip.address]'s password:

Permission denied, please try again.

root@[host.ip.address]'s password:

Permission denied, please try again.

root@[host.ip.address]'s password:

Permission denied (publickey,password).

How can I rectify these permission denied issues?

EDIT: FIX BELOW

It seems as though, by using an unconventional (other than id_rsa) file, I needed to explicitly identify the file by doing the following:

ssh root@droplet.ip.address -i /path/to/private_key_file

...be sure not to use the public_key_file there. I am not connected to the server from my terminal. This is after destroying my previous droplet, creating a fresh one, with fresh key files, as @will-barnwell suggested

Answer 1

Assuming you have followed the linked guide up to and through Step Three, when you create a new server from their Web UI use the "Add SSH Keys" option and select the key you added to your account previously.

When actually spinning up a new server, select the keys that you would like installed on your server from the "Create a Droplet" screen. You can select as many keys as you like:

Once you click on the SSH key, the text saying, "Your root password will be emailed to you" will disappear, and you will not receive an email confirmation that your server has been created.

The command you were using was to add an ssh key to pre-existing server. Judging from the above quote I bet the password that you are being prompted for is in your email.

---

Why?

When you create a server on Digital Ocean ( or really most cloud hosting services ) a root password is automatically generated for you, unless you set the server up with an authorization key.

Using key authentication is definitely a good security choice, but make sure to read the instructions carefully, don't just copy/paste commands and expect it all to work out.

---

EDIT: OP's comments on the question have shed additional light on the matter.

New Advice: Blow your server away and set up the SSH keys as suggested, your server is probably unusable if it is not accepting your old SSH key and is prompting you for a password you don't have.

Be careful messing around with your last auth key, add a new one before removing an old one.