DigitalOcean Droplets are Linux-based virtual machines (VMs) that run on top of virtualized hardware. Each Droplet you create is a new server you can use, either standalone or as part of a larger, cloud-based infrastructure.
To connect to your Droplet, you need to open a terminal. How you do this varies between operating systems and window managers, but generally:
CTRL+ALT+T
.Once the terminal is open, enter the following SSH command. Substitute in your Droplet’s IP address after the @
.
If you have multiple SSH keys, you may need to specify the path of your private key using the -i
flag, as in ssh -i /path/to/private/key [email protected]
.
The very first time you log in, the server isn’t identified on your local machine, so it prompts you to confirm that you want to continue connecting. You can type yes
and then press ENTER
.
The authenticity of host '203.0.113.0 (203.0.113.0)' can't be established.
ECDSA key fingerprint is SHA256:IcLk6dLi+0yTOB6d7x1GMgExamplewZ2BuMn5/I5Jvo.
Are you sure you want to continue connecting (yes/no)? yes
Next, a host key fingerprint is saved to your local machine and you receive this confirmation:
Warning: Permanently added '203.0.113.0' (ECDSA) to the list of known hosts.
You may receive an intimidating-looking remote host identification warning:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
This happens most often when you’ve destroyed a Droplet immediately before creating and trying to connect to a new one. If the new Droplet gets assigned the same IP address as the Droplet that was destroyed, the host key of the old server is stored and conflicts with the new host key.
If this happens, you can delete the old Droplet’s host key from your local system with the command ssh-keygen -R 203.0.113.0
and then reconnect.
The next part of the connection process is authentication. If you’ve added SSH keys, you connect to the Droplet immediately (or after entering the passphrase for your key pair).
If you haven’t added SSH keys, the Droplet prompts you for your password:
[email protected]'s password:
When you enter your password, nothing is displayed in the terminal, so it can be easier to paste in the initial password. Pasting into text-based terminals is different from other desktop applications and is also different from one window manager to another:
CTRL+SHIFT+V
.SHIFT-CMD-V
or the middle mouse button.Once you’ve entered the password, press ENTER
.
E-mailed passwords aren’t secure, so the first time you log in with the default password, you are immediately prompted to change it.
. . .
Changing password for root.
To do that, first re-enter the current password, then press ENTER
. Nothing displays on the screen when you type.
(current) UNIX password:
After that, enter your new password and press ENTER
. Again, nothing displays on the screen as you type. Then, enter the new password a second time to confirm that you’ve typed it accurately.
Enter new UNIX password:
Retype new UNIX password:
When you’ve successfully logged in, you receive an operating system-specific welcome screen. Your command prompt changes to display the username you’ve logged in as, separated by the @
symbol from the hostname of the Droplet, like root@ubuntu-512mb-sfo2-01:~#
.
If you’re having trouble connecting to your Droplet with SSH, you can troubleshoot the SSH errors or try connecting with the Recovery Console to recover normal SSH access.