Menu
Documentation Contact Log in
Start shipping
Docs / SSH Keys

SSH Keys

How to create and configure SSH keys for server access

SSH Keys

SSH keys are how Ship It Squirrel securely connects to your server without needing a password. Think of them as a special lock and key pair - the server has the lock (public key), and Ship It Squirrel has the key (private key).

What you'll learn

How to create SSH keys, add them to your server, and configure Ship It Squirrel to use them.

Step 1: Check if you already have SSH keys

Open your terminal (on Mac, search for "Terminal" in Spotlight) and run:

ls -la ~/.ssh

If you see files like id_rsa and id_rsa.pub (or id_ed25519 and id_ed25519.pub), you already have keys! Skip to Step 3.

If you see "No such file or directory", continue to Step 2.

Step 2: Create a new SSH key pair

Run this command in your terminal:

ssh-keygen -t ed25519 -C "your_email@example.com"

When prompted:

  • File location: Press Enter to accept the default
  • Passphrase: You can press Enter for no passphrase (easier) or enter one for extra security

This creates two files:

  • ~/.ssh/id_ed25519 - Your private key (keep this secret!)
  • ~/.ssh/id_ed25519.pub - Your public key (safe to share)

Step 3: Copy your public key

Display your public key:

cat ~/.ssh/id_ed25519.pub

Or if you have an RSA key:

cat ~/.ssh/id_rsa.pub

Copy the entire output (it starts with ssh-ed25519 or ssh-rsa).

Step 4: Add your public key to DigitalOcean

When creating a new droplet on DigitalOcean:

  1. In the "Authentication" section, choose "SSH Keys"
  2. Click "New SSH Key"
  3. Paste your public key
  4. Give it a name (like "My Laptop")
  5. Click "Add SSH Key"

Already have a droplet?

If your droplet already exists, you'll need to manually add the public key. SSH into your server and add it to ~/.ssh/authorized_keys.

Step 5: Add your private key to Ship It Squirrel

Now Ship It Squirrel needs your private key to connect to the server.

Display your private key:

cat ~/.ssh/id_ed25519

Or for RSA:

cat ~/.ssh/id_rsa

The output looks like:

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACDxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
...more lines...
-----END OPENSSH PRIVATE KEY-----

Copy everything including the BEGIN and END lines.

Then in Ship It Squirrel:

  1. Go to Servers
  2. Click on your server
  3. Click "Edit"
  4. Paste your private key in the "SSH Private Key" field
  5. Save

Security note

Your private key is encrypted at rest in our database, but never share it with anyone else or commit it to git.

Testing the connection

You can test that your SSH key works from your terminal:

ssh root@YOUR_SERVER_IP

If it connects without asking for a password, your SSH keys are set up correctly!

Troubleshooting

"Permission denied" error

  • Make sure the public key is in ~/.ssh/authorized_keys on your server
  • Check that the private key in Ship It Squirrel matches the public key on the server
  • Verify the SSH user is correct (usually root for new droplets)

"Connection refused" error

  • Make sure the server is running
  • Check that SSH is running on port 22 (or the port you specified)
  • Verify the firewall allows SSH connections

Still stuck?

Try running this command to see detailed connection info:

ssh -v root@YOUR_SERVER_IP

The output will show you exactly where the connection is failing.