Root SSH key for remote deployment

I might have asked a similar question about this before, but I’m still a bit confused. I read the wiki article on SSH keys and it says that for running the initial server.yml playbook, it uses whatever SSH key you used to spin up the droplet. I understand that part (I tie the droplet to a key on spinup), but the part I’m not understanding is how Ansible knows about the key. Does it just know to look in the .ssh folder of my user’s profile to find the matching key and use it? I think I’m just not wrapping my head around this.

Ansible is just making SSH connections and running commands. So Ansible itself doesn’t need to know anything about your SSH public keys.

It’s the underlying SSH command/connection that knows when to use your public key. Basically, your server running sshd says “I accept publickey authentication”, so your SSH connection automatically attempts to load your public key from the default location ~/.ssh/id_rsa.pub, and if that matches up with the key already on the server (which DigitalOcean adds), then it just connects using that.

There are a lot of resources you can read about this:



This might help as well:

https://help.github.com/articles/generating-ssh-keys/

That’s what I was confused about. I put my key in the ~/.ssh folder so I should be good.
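To check the "matches up with the key already on the server" step from the answer above, the following added example (not part of the original thread or of any project's code) compares the fingerprints of local `.pub` files against a server's `authorized_keys` content. The key material, file names and function names are constructed for illustration; the fingerprint format is the `SHA256:` form that `ssh-keygen -lf` prints.

```python
import base64
import hashlib
import struct

KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")

def _ssh_string(data):
    # SSH wire format: 4-byte big-endian length, then the bytes.
    return struct.pack(">I", len(data)) + data

def constructed_pubkey(seed, comment):
    """Build a well-formed ed25519 public-key line (constructed, not a real key)."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(hashlib.sha256(seed).digest())
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)

def parse_key_blob(line):
    """Return the decoded key blob from a .pub or authorized_keys line, else None."""
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    # authorized_keys entries may begin with options, so scan for the key type.
    for i in range(len(fields) - 1):
        if not fields[i].startswith(KEY_PREFIXES):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        # The blob repeats its own type as a length-prefixed string; require a match.
        if blob.startswith(_ssh_string(fields[i].encode())):
            return blob
    return None

def fingerprint(blob):
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def keys_server_accepts(local_pubs, authorized_keys_text):
    """Return the local .pub paths whose fingerprint is listed on the server."""
    blobs = (parse_key_blob(l) for l in authorized_keys_text.splitlines())
    server = {fingerprint(b) for b in blobs if b}
    return [path for path, line in local_pubs.items()
            if (b := parse_key_blob(line)) and fingerprint(b) in server]

# Constructed sample data: one key added at droplet creation, one unrelated key.
DEPLOY = constructed_pubkey(b"laptop", "me@laptop")
LOCAL = {"~/.ssh/old_laptop.pub": constructed_pubkey(b"old", "me@old"),
         "~/.ssh/id_ed25519.pub": DEPLOY}
AUTHORIZED = "# constructed sample\nno-port-forwarding " + DEPLOY + "\n"

if __name__ == "__main__":
    print(keys_server_accepts(LOCAL, AUTHORIZED))
```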