DigitalOcean Droplet Non-Root User
DigitalOcean droplets usually have root as their default user, which is not ideal for security reasons. The following user-data script creates a non-root user and sets up SSH access for that user. It is typically used when creating a droplet with Terraform or any other infrastructure-as-code tool that supports user data.
```tf
# Look up an SSH key that already exists in the DigitalOcean account.
data "digitalocean_ssh_key" "default" {
  name = "my-ssh-key"
}

resource "digitalocean_droplet" "example" {
  # ... other droplet configuration ...

  user_data = <<-EOF
    #cloud-config
    users:
      - name: reach
        groups: sudo
        shell: /bin/bash
        # Passwordless sudo: whoever holds this user's SSH key has root.
        sudo: ALL=(ALL) NOPASSWD:ALL
        ssh-authorized-keys:
          - ${data.digitalocean_ssh_key.default.public_key}
    disable_root: true
    package_update: true
    package_upgrade: true
  EOF
}
```
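A post-boot check for the configuration above, as an added example that is not part of the original page: it confirms that `reach` has an authorized key, that any key left in root's `authorized_keys` carries the `command=` restriction cloud-init prepends for `disable_root: true`, and flags the passwordless sudo grant. `ROOT_FS`, `ADMIN_USER` and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Post-boot audit for the cloud-config above. Added example, not from the original page.
# ROOT_FS (assumed name) prefixes every path so the checks can also run on a mounted image.
ROOT_FS="${ROOT_FS:-}"
ADMIN_USER="${ADMIN_USER:-reach}"   # user name taken from the cloud-config

# True if the user exists in passwd and has at least one key line in authorized_keys.
user_has_key() {
    home=$(awk -F: -v u="$1" '$1 == u { print $6 }' "$ROOT_FS/etc/passwd")
    [ -n "$home" ] && grep -Eqs '^[^#[:space:]]' "$ROOT_FS$home/.ssh/authorized_keys"
}

# True if root has no usable key: the file is absent, or every key line carries the
# command="..." restriction that cloud-init prepends when disable_root is true.
root_keys_restricted() {
    f="$ROOT_FS/root/.ssh/authorized_keys"
    [ -f "$f" ] || return 0
    ! grep -Ev '^[[:space:]]*(#|$)' "$f" | grep -qv 'command="'
}

# True if a sudoers drop-in grants the user NOPASSWD (cloud-init writes the
# "sudo:" value to a file under /etc/sudoers.d).
sudo_is_passwordless() {
    grep -Eqs "^$1[[:space:]].*NOPASSWD" "$ROOT_FS"/etc/sudoers.d/*
}

# Print one line per check; return non-zero if a hard requirement fails.
audit() {
    rc=0
    if user_has_key "$ADMIN_USER"; then echo "PASS  $ADMIN_USER can log in with a key"
    else echo "FAIL  $ADMIN_USER missing or has no authorized key"; rc=1; fi
    if root_keys_restricted; then echo "PASS  root keys are restricted"
    else echo "FAIL  root still has an unrestricted key"; rc=1; fi
    if sudo_is_passwordless "$ADMIN_USER"; then
        echo "WARN  $ADMIN_USER has passwordless sudo: its SSH key is equivalent to root"
    fi
    return $rc
}

# Run on the droplet with: sudo sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit; fi
```

These checks read files only; `sshd -T | grep -i permitrootlogin` on the droplet shows what the SSH daemon itself enforces for root.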