Accessing the Droplet
Before deploying or maintaining applications, you’ll need to set up a way to access the droplet: a local system account to connect to and an ssh key pair to connect with. This requires access to the digital ocean or the droplet itself, please ask for assistance if it is available.
ssh
If you haven’t already, set up your local .ssh directory in your local user directory.
- generate an ssh key pair on your local computer with
ssh-keygen- make sure you use a passphrase that is memorable and secure - you will have to type this every time you want to access the droplet, including pushing updates to your app
- add the new key pair and host to your
.ssh/configlike so:- the username needs to match the new user we will create on the droplet
Host bci-droplet droplet.bci4kids.ca
HostName droplet.bci4kids.ca
User <your_droplet_username>
PubkeyAuthentication yes
IdentityFile ~/.ssh/id_bci_droplet
Use the terminal in the digital ocean web interface or otherwise ask somebody with droplet access to complete the below steps on your behalf.
create a new user1
Log in as root or otherwise use sudo. If doing this for someone else, ideally let them enter their own password during account creation.
adduser <new_user>
In the likely event that super user privileges are required:
gdpasswd -a <new_user>
add ssh public key to the droplet2
su <your_username>
mkdir .ssh
chmod 700 .ssh
vi .ssh/authorized _keys
Paste your public ssh key (.pub) into the authorized_keys file, then update file permissions
chmod 600 .ssh/authorized_keys
You should now be able to connect to the droplet in the terminal using ssh bci-droplet or ssh <your_username>@droplet.bci4kids.ca and entering the same passphrase you used to generate your key pair