If you ssh into a droplet and get

Permission denied (publickey)

then you need to add a public key from your local machine to the droplet’s authorized keys. This tells your droplet to trust you when you connect – without you needing to know the root password.

The public key is a long string of characters, and until you’ve performed the steps in this post the only way you have to connect to your droplet is via the DigitalOcean console. It would be easy to copy to the droplet if you could copy-paste the string into the DigitalOcean console. But you can’t. So you need to jump through a couple of hoops.

First you need a public/private keypair. If you already have one then you’ll find them here:

If those files don’t exist then you need to create them with the following command:

$ ssh-keygen

As with any public/private keypair you must keep the private key safe and secure, but the public key is OK to distribute. In this case, we’ll put it on Dropbox so it can be easily downloaded into your droplet.

Copy ~/.ssh/id_rsa.pub into a Dropbox folder and make the folder public.

Log into the DigitalOcean console and run the following commands:

You should now be able to ssh into your droplet.