Thoughts, Dynamics 365, random business ideas, etc.

Remote connecting via SSH. Permission denied (publickey).

Here’s one that I’ve struggled with probably 3-4 separate times in my life. As Josh Knox once said “my blog is just letters to my future self.”

https://x.com/iamjoshknox/status/1800273741630599306

Anyway, this is related to WordPress and Linux. As you probably can tell, this site is based on WordPress and so are all the other blogs and websites I’ve built / worked with. I think that’s more of a nod to the fact that I don’t know much about websites and also like things done for me, but that’s neither here nor there.

Every time I set up a new blog, I use the droplet template on DigitalOcean. It’s really easy and you can get a blog running for like 6 bucks a month. I also, every time I do this, select a Linux distro and use an SSH key for authentication. I think “I need this secure – a really complex password is not sophisticated enough for my intellectual property!” Unfortunately, I lose interest or get busy on something else, go away for 6 months, and then come back to try to reconnect and update my SSL cert and I can’t figure out how to get in.

There are two things I run into: first, I let 1Password or LastPass generate me an SSH key pair. I then supply the public key to DigitalOcean and it gets installed in the authorized_keys file in the Droplet. Because of this, I need to do two steps manually – store the private key on the local and the public key on the remote.

I use WSL (Windows Subsystem for Linux) and ssh to connect to my droplets. Since I just manually created the key pair using 1Password, I have to export those files and then store them somewhere in the Linux filesystem and I can never remember where to put them.

For future reference.

  1. Store the private key file in the ~/.ssh folder on my local machine.
  2. Store the public key in the ~/.ssh/authorized_keys file on the remote machine. Each key needs its own line.
  3. When connecting, make sure to use the -i switch in ssh in order to reference the private key you’re trying to connect with.

The other thing that gets me into trouble is the sudo command. I don’t know anything about Linux and can barely spell it, but apparently sudo is important. Each time I try to re-login to one of these servers, I follow my steps above and get this error message: Permission denied (publickey).

I have no idea why. What’s happened in the past is I see this, forget how I fixed it last time, and then spend a few hours searching Google for a fix. Here it is (in my case – seems like this error can pop up for a lot of other reasons.) Use ssh with sudo. When you do that and then refer to the private key file with the -i switch, you’ll be able to connect to your server, future Jake.

sudo ssh -i ~/.ssh/keyfile xxx.xxx.xxx.xxx
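
Added example, not part of the original post: when ssh only works under sudo, a common cause is that the private key file is owned by another user (for example root, after a sudo copy) or has permissions OpenSSH rejects, and root can read it anyway. The post does not identify the cause, so this is an assumption; the check below uses GNU stat as found in WSL, and the temporary file is a constructed stand-in for ~/.ssh/keyfile.

```shell
#!/usr/bin/env bash
# check_key FILE: report whether a private key is usable by the current user
# without sudo. Returns 0 if fine, 1 if ownership/mode is wrong, 2 if missing.
check_key() {
    key=$1
    [ -f "$key" ] || { echo "missing: $key"; return 2; }

    owner=$(stat -c %u "$key")   # numeric uid of the file owner (GNU stat)
    mode=$(stat -c %a "$key")    # octal permission bits, e.g. 600 or 644
    status=0

    # A key owned by someone else (often root) is unreadable at mode 600.
    if [ "$owner" != "$(id -u)" ]; then
        echo "owner uid $owner is not you; fix: sudo chown $(id -un) $key"
        status=1
    fi

    # OpenSSH refuses a key you own if group or other have any access to it.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "mode $mode is open to group/other; fix: chmod 600 $key"
        status=1
    fi

    if [ "$status" -eq 0 ]; then
        echo "ok: $key (mode $mode, owned by you)"
    fi
    return "$status"
}

# Constructed demo: a throwaway file standing in for the real key.
demo=$(mktemp)
chmod 644 "$demo"; check_key "$demo" || true   # reports the open mode
chmod 600 "$demo"; check_key "$demo"           # reports ok
rm -f "$demo"
```

Run `check_key ~/.ssh/keyfile` against the real key; once it reports ok, `ssh -i ~/.ssh/keyfile xxx.xxx.xxx.xxx` should work as your normal user, and `ssh -v` shows which key files are being offered if it still fails.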

