How to Upload SSH Public Keys to a DigitalOcean Team

Validated on 27 Jun 2022 • Posted on 19 Jun 2018 ssh

DigitalOcean Droplets are Linux-based virtual machines (VMs) that run on top of virtualized hardware. Each Droplet you create is a new server you can use, either standalone or as part of a larger, cloud-based infrastructure.

After you create an SSH key pair, you can upload your public key to DigitalOcean teams to make it easier to add your keys to your Droplets. It’s safe to freely share your SSH public key because it cannot be used to re-create the private key. It can only be used to validate the user who holds the associated private key.

Automate Uploading an SSH Key to a DigitalOcean Team

How to upload an SSH key to your DigitalOcean team using the DigitalOcean CLI

To upload an SSH key to your DigitalOcean team via the command-line, follow these steps:

Install doctl, the DigitalOcean command-line tool.
Create a personal access token, and save it for use with doctl.
Use the token to grant doctl access to your DigitalOcean account.
```
              doctl auth init
            
```
Finally, upload an SSH key to your DigitalOcean team with doctl compute ssh-key create. The basic usage looks like this, but you'll want to read the usage docs for more details:
```
              doctl compute ssh-key create <key-name> [flags]
            
```

How to upload an SSH key to your DigitalOcean team using the DigitalOcean API

To upload an SSH key to your DigitalOcean team using the DigitalOcean API, follow these steps:

Create a personal access token, and save it for use with the API.

Send a POST request to https://api.digitalocean.com/v2/account/keys

cURL

To upload an SSH key to your DigitalOcean team with cURL, call:


                curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name":"My SSH Public Key","public_key":"ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example"}' \
  "https://api.digitalocean.com/v2/account/keys"

Go

Go developers can use Godo, the official DigitalOcean V2 API client for Go. To upload an SSH key to your DigitalOcean team with Godo, use the following code:


                import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    createRequest := &godo.KeyCreateRequest{
        Name:      "My SSH Public Key",
        PublicKey: "ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example",
    }

    transfer, _, err := client.Keys.Create(ctx, createRequest)
}

Ruby

Ruby developers can use DropletKit, the official DigitalOcean V2 API client for Ruby. To upload an SSH key to your DigitalOcean team with DropletKit, use the following code:


                require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

ssh_key = DropletKit::SSHKey.new(
  name: 'My SSH Public Key',
  public_key: 'ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example'
)
client.ssh_keys.create(ssh_key)

Upload an SSH Key to a DigitalOcean Team with the Control Panel

To add an SSH public key to a team, log in to the control panel and make sure you are logged into the team you want to use. In the main menu on the left on the screen, click Settings, then click the Security tab at the top of the page to go to the team security settings page.

In the SSH keys section, click Add SSH Key.

Next, copy your public key and paste it into the SSH key content field.

Tip

Can’t find your keys? By default, your key files are saved to the hidden SSH folder in your home directory, and your public key ends in .pub. On Linux, your public key is typically /home/your_username/.ssh/id_rsa.pub, and on macOS and Windows, it’s typically /Users/your_username/.ssh/id_rsa.pub.

If you generated your key pair with PuTTYgen on Windows, you need to use PuTTYgen to view the public key in the appropriate format.

On macOS, you can then copy the key directly to your clipboard by running the following command:

pbcopy < ~/.ssh/id_rsa.pub

The Windows and Linux versions of the command depend on your specific distribution, subsystem, or command-line shell.

In the second field, enter a name for the key. You’ll use this name to identify this key in the DigitalOcean Control Panel. We recommend using the name of the machine you copied the public key from.

Click the Add SSH Key button when you are finished. The key is displayed on the Security page. You can use a key’s More menu to edit the key information or delete it entirely:

When you create Droplets, you can automatically embed this key by selecting it in the Add your SSH keys section of the Droplet create page.

Now, instead of using a set root password, you will use your private key to sign in to your Droplet. If you set a password on the key itself when you created it, you will be prompted for the key’s password. If not, you’ll connect with no additional authentication.