DigitalOcean droplets (aka VMs) are configured to use the system's root account directly when accessing them over SSH. This is different from AWS EC2's (arguably better) approach of creating a new user account (called "ec2-user") upon instance creation.
The script below will:
- create a new user account with root privileges,
- copy the authorized SSH keys from the root user, and
- disable SSH root login.
IMPORTANT: Be sure you've added your SSH keys to the root user's authorized_keys
file before running this script, or you will be locked out of your droplet. If you added your SSH keys through DigitalOcean's web interface when creating the droplet, this has already been done for you.
This script has only been tested on Ubuntu 16.04. It should also work on Debian, but who knows. It probably won't work on other distributions.
To run this script, log into your droplet via SSH and enter the following:
bash <(curl -s https://gist.githubusercontent.com/stringlytyped/1c51bbd3c32c1edcea1c83fcb4d72205/raw/4d15d5fea163f173e11035559aee949bf3dcb6c1/disable_root.sh)
License: MIT