Create a key to log in to Digital Ocean droplet with PuTTY

After you log in to your droplet with the Digital Ocean console, you can use these commands to create an SSH key, add it to your authorized_keys, create the PuTTY proprietary key, download it to your computer, and load it into PuTTY!

If you don’t know your root password, you can use the “Reset root password” feature from the “access” section of the droplet’s console. Note that once you initiate this procedure it will be impossible to log in to your droplet without the password that Digital Ocean will send you in email. Once the root password is set, those with an SSH key won’t need it; it is required only to log in to the Digital Ocean console.

First, we’ll need your hostname:

Install Required Tools

apt install -y woof putty-tools
Click for steps to generate an SSH key on your server

Generate a new SSH key, add it to authorized_hosts, and temporarily make it available on the web

Paste the following into your terminal. In the Digital Ocean console you can paste with control-v or by right-clicking and choosing paste.

NOTE: Literate Computing Installs after about September 7, 2020 already have the keys created and copied to ~/.ssh, so you should be able to skip this step.

The Digital Ocean console seems to barf if there’s more than one line, so here this is a bit at a time:

set things up

 KEYFILE="=hostname=";cd ~/.ssh

Generate the key

ssh-keygen -t rsa -N "" -f $KEYFILE

add the new key to the login keys

cat $ >> authorized_keys

Make the putty key

cat $KEYFILE  $ > $KEYFILE.pem; puttygen $KEYFILE.pem -o $KEYFILE.ppk -O private; chmod 600 $KEYFILE.pem $KEYFILE.ppk

Create a temporary web server for your PuTTY key

woof ~/.ssh/=hostname=.ppk

download your ppk file with this link:

Copy/paste the following into an “incognito” window in Chrome or a “private” window in Firefox. Your browser will force the following to https which will make it not work. Alternatively, you can use your server IP rather than the hostname.


add the link to putty:


at the login as: prompt, enter root.

You’re in!

Extra hints

Avoid entering “root” every login

Under session/ldata you can provide root as the username to avoid that annoying prompt.



For advanced users

Get the entire ~/.ssh directory as a tar file; useful if you want the regular openSSH keys.

Or PuTTY and openSSH keys:

woof -z ~/.ssh

Here it is in one block. I couldn’t make this work in the console, but it could be useful for something else

cd ~/.ssh
ssh-keygen -t rsa -N "" -f $KEYFILE
cat $KEYFILE  $ > $KEYFILE.pem
puttygen $KEYFILE.pem -o $KEYFILE.ppk -O private
chmod 600 $KEYFILE.pem $KEYFILE.ppk
cat $ >> authorized_keys
woof $KEYFILE.ppk