rk1ve

digital-ocean-venture

decided to try out digital ocean since they have a free trial of two hundred credits. the setup was easy and registration as well. had some hiccups as i was registering because they restricted my account, so i had to submit a ticket to explain why i wanted to create an account. once that cleared, and i added a credit card to my account, the setup was very easy.

i had many droplet options, but decided to go with debian since i was more familiar with it. i did try ubuntu, but found that cloudflared integration is not the best, especially with docker. i found that out during my time with oracle cloud. so debian bookworm was what i banked on. since i have two hundred credits, why not use the highest tier for the basic plan. so i went with the highest tier of amd. it came with four cpus, one hundred sixty gigs of storage, and sixteen gigs of ram. compared to the oracle cloud, it is a bit worse. the upside is that it is running amd64, not arm64, which will prove to be more versatile in docker applications.

i am mainly writing this to explain the ssh keys process. i used puttygen, but you can use whatever key generation tool you prefer. i used putty since i was on my desktop and had putty installed. all you gotta do is generate an rsa key and move your mouse around for better entropy. once that is generated, it will give you an ssh-rsa line with scrambled letters, numbers, and symbols. this is your public key, which gets pasted into the ssh key field when creating the droplet. the public key is not a secret: the server keeps it, and when anyone tries to ssh into the server, it checks that they hold the matching private key.

always keep your private keys secure, since if anyone has access to it, they have full access to your server.

so now, you can export that private key and it will go to a .ppk file, which works well with putty. in puttygen you can also export it as an openssh .key file: go to the top tab ‘conversions’ and choose ‘export openssh key.’ so now you will have two private key files, depending on what you prefer to access the server from. in this case i use putty, so i exported the .ppk file into my .ssh folder, and created a putty login session that goes like this:

hostname: [email protected] or [email protected]
port: 22
connection type: ssh

right hand side:
connection > ssh > credentials > auth: private.ppk

back to session:
enter name in session box > click save

this process will be different depending on what you use, but always follow software documentation. these files are good to keep as you may want to manage your server using ansible.

now you can ssh into your server, and if everything works… you should log in just fine. by default the droplet accepts connections from any source ip address on port 22, which is not secure. you can address this by going into the firewall and creating a rule that explicitly states which source ip addresses to expect on port 22. i prefer this method as it limits ssh access to my home public ip address. it is extra security on top of using ssh keys for login.

now you have a debian vps in the cloud that is fairly secure and will provide a good gateway to experiment with cloud solutions and linux administration.

preserve the moment.