How to Upload SSH Public Keys to a DigitalOcean Team

Validated on 27 Jun 2022 • Last edited on 23 May 2024 ssh

After you create an SSH key pair, you can upload your public key to DigitalOcean teams to make it easier to add your keys to your Droplets. It’s safe to freely share your SSH public key because it cannot be used to re-create the private key. It can only be used to validate the user who holds the associated private key.

Upload an SSH Key to a DigitalOcean Team with the Control Panel

To add an SSH public key to a team, log in to the control panel and make sure you are logged into the team you want to use. In the main menu on the left on the screen, click Settings, then click the Security tab at the top of the page to go to the team security settings page.

In the SSH keys section, click Add SSH Key.

DigitalOcean add new key button

Next, copy your public key and paste it into the SSH key content field.

Tip

Can’t find your keys? By default, your key files are saved to the hidden SSH folder in your home directory, and your public key ends in .pub. On Linux, your public key is typically /home/your_username/.ssh/id_rsa.pub, and on macOS and Windows, it’s typically /Users/your_username/.ssh/id_rsa.pub.

If you generated your key pair with PuTTYgen on Windows, you need to use PuTTYgen to view the public key in the appropriate format.

On macOS, you can then copy the key directly to your clipboard by running the following command:

pbcopy < ~/.ssh/id_rsa.pub

The Windows and Linux versions of the command depend on your specific distribution, subsystem, or command-line shell.

In the second field, enter a name for the key. You use this name to identify this key in the DigitalOcean Control Panel. We recommend using the name of the machine you copied the public key from.

DigitalOcean new public key prompt

Click the Add SSH Key button when you are finished. The key is displayed on the Security page. You can use a key’s More menu to edit the key information or delete it entirely:

DigitalOcean new public key prompt

When you create Droplets, you can automatically embed this key by selecting it in the Add your SSH keys section of the Droplet create page.

Now, instead of using a set root password, use your private key to sign in to your Droplet. If you set a password on the key itself when you created it, you are prompted for the key’s password. If not, you connect with no additional authentication.

If you want to delete an SSH key, navigate to the Security page in the control panel and click More beside the SSH key you want to delete. In the More menu, click Delete. A prompt appears asking you to confirm the deletion. Click Delete SSH key to remove the key from your team.

Note
Deleting SSH keys from the Security tab does not impact keys already added to existing Droplets. The keys listed in the Security tab are specifically for adding keys to newly created Droplets.

Automate Uploading an SSH Key to a DigitalOcean Team

How to upload an SSH key to your DigitalOcean team using the DigitalOcean CLI

To upload an SSH key to your DigitalOcean team via the command-line, follow these steps:

  1. Install doctl, the DigitalOcean command-line tool.

  2. Create a personal access token, and save it for use with doctl.

  3. Use the token to grant doctl access to your DigitalOcean account.

                  doctl auth init

  4. Finally, upload an SSH key to your DigitalOcean team with doctl compute ssh-key create. The basic usage looks like this, but you'll want to read the usage docs for more details:

                  doctl compute ssh-key create <key-name> [flags]
How to upload an SSH key to your DigitalOcean team using the DigitalOcean API

To upload an SSH key to your DigitalOcean team using the DigitalOcean API, follow these steps:

  1. Create a personal access token, and save it for use with the API.

  2. Send a POST request to https://api.digitalocean.com/v2/account/keys

    cURL

    To upload an SSH key to your DigitalOcean team with cURL, call:

    
                curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name":"My SSH Public Key","public_key":"ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example"}' \
  "https://api.digitalocean.com/v2/account/keys"

    Go

    Go developers can use Godo, the official DigitalOcean V2 API client for Go. To upload an SSH key to your DigitalOcean team with Godo, use the following code:

    
                import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    createRequest := &godo.KeyCreateRequest{
        Name:      "My SSH Public Key",
        PublicKey: "ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example",
    }

    transfer, _, err := client.Keys.Create(ctx, createRequest)
}

    Ruby

    Ruby developers can use DropletKit, the official DigitalOcean V2 API client for Ruby. To upload an SSH key to your DigitalOcean team with DropletKit, use the following code:

    
                require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

ssh_key = DropletKit::SSHKey.new(
  name: 'My SSH Public Key',
  public_key: 'ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example'
)
client.ssh_keys.create(ssh_key)

    Python

    
                import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "public_key": "ssh-rsa AEXAMPLEaC1yc2EAAAADAQABAAAAQQDDHr/jh2Jy4yALcK4JyWbVkPRaWmhck3IgCoeOO3z1e2dBowLh64QAM+Qb72pxekALga2oi4GvT+TlWNhzPH4V example",
  "name": "My SSH Public Key"
}

resp = client.ssh_keys.create(body=req)
Control Panel Blog Pricing Careers Terms Privacy Status API Docs Tutorials Support