{"id":844,"date":"2023-09-27T11:31:29","date_gmt":"2023-09-27T11:31:29","guid":{"rendered":"https:\/\/blog.ngocha.biz\/?p=844"},"modified":"2023-09-27T11:31:29","modified_gmt":"2023-09-27T11:31:29","slug":"enable-password-authentication","status":"publish","type":"post","link":"https:\/\/blog.ngocha.biz\/?p=844","title":{"rendered":"How to Enable Password Authentication for Digital Ocean Droplet"},"content":{"rendered":"<p>In this blog, I will show you how to enable password-based SSH authentication for <a href=\"https:\/\/devopscube.com\/get-free-digital-ocean-credits\/\">Digital Ocean<\/a> Droplets.<\/p>\n<blockquote><p>Note: This will work on Ubuntu, Debina, Fedora and other linux Droplets.<\/p><\/blockquote>\n<h2 id=\"password-login-error\">Password Login Error<\/h2>\n<p>Digital ocean droplets support both SSH key and password-based authentication.<\/p>\n<p>By default, if you choose SSH key based authentication by <a href=\"https:\/\/devopscube.com\/generate-ssh-key-pair\/\">creating SSH keys,<\/a> you cannot use a password to log in to the Droplet.<\/p>\n<p>For example, you might configure a <a href=\"https:\/\/devopscube.com\/wordpress-installation-guide\/\">WordPress setup<\/a> using Serverpilot and create a system user and password.<\/p>\n<p>If you try to use the username and password to login, you will get the ermission denied (publickey) error as shown below.<\/p>\n<pre><code>The authenticity of host '165.227.121.128 (165.227.121.128)' can't be established.\nED25519 key fingerprint is SHA256:x5Zx6Z3GdqOHintxvrPnChPcYX+uG6plswRgsi6lKUQ.\nThis key is not known by any other names\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes\nFailed to add the host to the list of known hosts (\/Users\/serverpilot\/.ssh\/known_hosts).\nserverpilot@165.227.121.128: Permission denied (publickey).<\/code><\/pre>\n<p>Now lets look at the solution to enable password based authentication on Droplets.<\/p>\n<h2 id=\"enable-password-authentication\">Enable Password Authentication<\/h2>\n<p>Follow the steps given below enable the password authentication.<\/p>\n<h3 id=\"step-1-login-to-the-droplet-as-root\">Step 1: Login to the Droplet as root<\/h3>\n<p>If you have keypair to login, you can use the ssh command to login to the server.<\/p>\n<p>If you don&#8217;t have the keypair, use the <strong>Launch Droplet Console<\/strong> option present in the Droplet settings as shown below.<\/p>\n<figure class=\"kg-card kg-image-card\"><img decoding=\"async\" src=\"https:\/\/storage.ghost.io\/c\/5f\/2f\/5f2f4d20-2abf-4534-8d40-7aa233aedd43\/content\/images\/2025\/03\/image-26-18.png\" class=\"kg-image\" alt=\"Droplet console login option\" loading=\"lazy\" width=\"596\" height=\"449\"><\/figure>\n<p>It will open a browser based SSH terminal as shown below.<\/p>\n<figure class=\"kg-card kg-image-card\"><img decoding=\"async\" src=\"https:\/\/storage.ghost.io\/c\/5f\/2f\/5f2f4d20-2abf-4534-8d40-7aa233aedd43\/content\/images\/2025\/03\/image-27-21.png\" class=\"kg-image\" alt=\"Droplet console browser based SSH terminal\" loading=\"lazy\" width=\"621\" height=\"406\" srcset=\"https:\/\/storage.ghost.io\/c\/5f\/2f\/5f2f4d20-2abf-4534-8d40-7aa233aedd43\/content\/images\/size\/w600\/2025\/03\/image-27-21.png 600w, https:\/\/storage.ghost.io\/c\/5f\/2f\/5f2f4d20-2abf-4534-8d40-7aa233aedd43\/content\/images\/2025\/03\/image-27-21.png 621w\"><\/figure>\n<h3 id=\"step-2-locate-cloud-initconf\">Step 2: Locate cloud-init.conf<\/h3>\n<p>All the ssh related configuration are present in the <strong><code>sshd_config<\/code><\/strong> file located in the \/etc\/ssh folder.<\/p>\n<p>Open the <strong><code>\/etc\/ssh\/sshd_config<\/code><\/strong> file using vi editor.<\/p>\n<pre><code>vi \/etc\/ssh\/sshd_config<\/code><\/pre>\n<p>Now, inside you will find the following Include statement in the starting of the sshd_config file.<\/p>\n<pre><code>Include \/etc\/ssh\/sshd_config.d\/*.conf<\/code><\/pre>\n<p>cd into \/etc\/ssh\/sshd_config.d folder. This folder contains <strong><code>cloud-init.conf <\/code><\/strong>file with system wide <strong><code>PasswordAuthentication<\/code><\/strong> parameter.<\/p>\n<pre><code>cd \/etc\/ssh\/sshd_config.d<\/code><\/pre>\n<p>If you list the files you will see a file named <strong><code>50-cloud-init.conf<\/code><\/strong><\/p>\n<pre><code>root@techiescamp:~# cd \/etc\/ssh\/sshd_config.d\/\nroot@techiescamp:\/etc\/ssh\/sshd_config.d# ls\n50-cloud-init.conf\nroot@techiescamp:\/etc\/ssh\/sshd_config.d#<\/code><\/pre>\n<h3 id=\"step-3-enable-passwordauthentication-in-50-cloud-initconf\">Step 3: Enable PasswordAuthentication in 50-cloud-init.conf<\/h3>\n<p>Open the <strong><code>50-cloud-init.conf<\/code><\/strong>  file in vi or nano editor.<\/p>\n<pre><code>50-cloud-init.conf<\/code><\/pre>\n<p>You will find the <strong><code>PasswordAuthentication<\/code><\/strong> parameter set to <strong><code>no<\/code><\/strong>. Change it to <strong><code>yes<\/code><\/strong> as shown below and save the file.<\/p>\n<pre><code>PasswordAuthentication yes<\/code><\/pre>\n<h3 id=\"step-4-restart-sshd-service\">Step 4: Restart SSHD Service<\/h3>\n<p>Now, restart the sshd service for the changes to take effect.<\/p>\n<pre><code>sudo systemctl restart sshd<\/code><\/pre>\n<h3 id=\"step-5-login-using-username-and-password\">Step 5: Login Using Username and Password<\/h3>\n<p>Now that we have enabled the password authentication, you can login to the Droplet using username and password.<\/p>\n<h2 id=\"conclusion\">Conclusion<\/h2>\n<p>I would always recommend using SSH key pair for Droplet authentication. However, if you have a usecase to have username and password based authentication, ensure you use a strong SSH password.<\/p>\n<p>Also, if you want to avoid the server administration overhead, you can use managed cloud hosting service Cloudways with Digital ocean backend. Cloudways is owned by Digital ocean. So you get the best of both worlds. Managed hosting + power of Digital Ocean cloud. You can read more about Cloudway in my details <a href=\"https:\/\/devopscube.com\/cloudways-review\/\">Cloudways Review<\/a>.<\/p>\n<hr>\n<p><strong>Ngu\u1ed3n:<\/strong> <a href=\"https:\/\/devopscube.com\/enable-password-authentication\/\" target=\"_blank\" rel=\"noopener noreferrer\">How to Enable Password Authentication for Digital Ocean Droplet \u2014 DevOpsCube<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Source: https:\/\/devopscube.com\/enable-password-authentication\/<\/p>\n","protected":false},"author":1,"featured_media":845,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-844","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops"],"_links":{"self":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts\/844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=844"}],"version-history":[{"count":0,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts\/844\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/media\/845"}],"wp:attachment":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}