Mac Os Generate New Ssh Key
This guide will show you how to enable SSH (remote login) on your Mac OS X machine and connect to it using a private key file (.ppk) while disabling password logins (more secure). In this example, we will set up the remote connection using Putty.
- Enable SSH on your Mac. Go to System Preferences -> Sharing -> Remote Login.
Generating New Keys. Bring up a new terminal window on macOS by going into Applications/Utilities and opening 'Terminal'. The ssh-keygen command provides an interactive command line interface for generating both the public and private keys. Invoke ssh-keygen with the following -t and -b arguments to ensure we get a 4096 bit RSA key. Note that you must use a key with 2048 or more bits in macOS.
- Now, we will generate our private and public SSH keys on our Mac. Open Terminal and type the following commands.
Create a .ssh directory. This directory will be hidden in your Mac OS X user home path.
Generate SSH private and public keys.
- Now, we want to create an authorized_keys file in the same directory to allow remote hosts to connect to our Mac using the key file we just generated.
Create the authorized_keys file in Terminal.
- Let’s take a look at the keys and authorized_keys files we just created. At the menu bar, select Go -> Go to Folder… and type /Users/USER/.ssh, replacing USER with your Mac OS X username. We see 3 files.
authorized_keys - your shared public key file
id_rsa - your private key
id_rsa.pub - your public key
- We want to copy our Public Key exactly into our authorized_keys file. Open id_rsa.pub and copy the text into your authorized_keys file. Save the file. (To do this, you can drag both files to your Desktop to gain access to perform the copies if needed, then drag back to the .ssh folder). See example below.
- In order to use Putty to connect over SSH with a private key, we must convert the id_rsa private key to Putty format (.ppk). We will use PuttyGen.exe to convert our id_rsa private key to a .ppk file. Download and install PuttyGen here.
Note: You can run PuttyGen.exe on Mac OS X following this guide. Otherwise, you will need to run PuttyGen on a Windows machine.
- Launch PuttyGen.exe and click Load.
- For Files of Type select All Files. Locate and select your id_rsa private key.
- Click Save private key. Click Yes to save without a passphrase (one is not needed for the connection; note that without it the .ppk file alone is enough to log in). You can name the file whatever you want.
You now have a .ppk file we can use for our Putty connection. Save this key somewhere safe and never share it with anyone!
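The key-generation and authorized_keys steps above, as an added shell example that is not from the original guide. It sets the permissions sshd checks, which copying files through the Desktop can alter; `setup_key_login` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: prepare a key-only login directory the way sshd expects it.
# setup_key_login is a hypothetical helper name, not part of OpenSSH.
setup_key_login() {
    ssh_dir=$1
    key="$ssh_dir/id_rsa"
    auth="$ssh_dir/authorized_keys"

    # sshd's StrictModes check refuses authorized_keys when the directory
    # or the file is writable by anyone other than the owner.
    mkdir -p "$ssh_dir" || return 1
    chmod 700 "$ssh_dir" || return 1

    # Generate a 4096-bit RSA pair only if none exists; ssh-keygen prompts
    # for a passphrase on the terminal.
    if [ ! -f "$key" ]; then
        ssh-keygen -t rsa -b 4096 -f "$key" || return 1
    fi

    # Append the public key once; a repeated run must not duplicate it.
    touch "$auth" || return 1
    if ! grep -qxF -- "$(cat "$key.pub")" "$auth"; then
        cat "$key.pub" >> "$auth" || return 1
    fi
    chmod 600 "$auth" "$key" || return 1
    chmod 644 "$key.pub"
}
# Usage on the Mac: setup_key_login "$HOME/.ssh"
```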
Next, we will configure SSH on our Mac to allow only key authentication and disable password authentication. Our Mac will then immediately drop any connection that does not use a key file (more secure).
Configure SSH on Mac OS X to Force Private Key Authentication Only
- At the menu bar, select Go -> Go to Folder… and type /etc/ssh/ and hit return.
- Open the sshd_config file. (To edit this file, you can drag it to your Desktop, edit it, then drag it back to the same folder.)
- We need to change 2 lines in the sshd_config file.
Change: UsePAM no
Uncomment and change: PasswordAuthentication no
- Save the sshd_config file.
- Restart Mac OS X remote login for our changes to take effect. Go to System Preferences -> Sharing -> Remote Login and turn it off and on again.
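A check for the two sshd_config changes above, as an added example that is not part of the original guide. It catches the common slip of editing a line but leaving it commented out; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the value a config file sets for one sshd keyword.
# effective_setting and key_only_login are hypothetical helper names.
effective_setting() {
    # $1 = config file, $2 = keyword. Keywords are case-insensitive and the
    # first occurrence wins; commented-out lines do not count. Parsing stops
    # at the first Match block, and Include files are not followed.
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        {
            sub(/^[ \t]+/, "")                 # drop indentation
            if ($0 == "" || $0 ~ /^#/) next    # blank or commented out
            split($0, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit
            if (key == want) { print tolower(f[2]); found = 1; exit }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

key_only_login() {
    # Succeeds only when both settings from the steps above are explicit.
    [ "$(effective_setting "$1" PasswordAuthentication)" = "no" ] &&
    [ "$(effective_setting "$1" UsePAM)" = "no" ]
}

# Constructed sample: UsePAM was changed, but the PasswordAuthentication
# line was edited and left commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd_config excerpt
UsePAM no
#PasswordAuthentication no
EOF
for k in UsePAM PasswordAuthentication; do
    echo "$k: $(effective_setting "$sample" "$k")"
done
key_only_login "$sample" || echo "password logins may still be accepted"
rm -f "$sample"
```

On the Mac itself, `sudo sshd -T` prints the configuration sshd actually resolves, including defaults.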
Now, we can use Putty to create an SSH connection to our Mac we generated our keys on. Download and install Putty here.
Note: You can run Putty.exe on Mac OS X following this guide.
Open Putty and create a new connection. We will point to our private key file (.ppk). Go to Connection -> SSH -> Auth and load the .ppk file here. This can be tricky; ensure you're creating a new connection in Putty and saving it so it remembers the key we just imported.
Try connecting. You will receive a login prompt for username. This will be the user of your Mac (any other username you put here will fail immediately).
If successful, you will log in to your shell immediately, as pictured below! No password needed!
Problem
As described in detail on https://openradar.appspot.com/27348363, macOS/OS X till Yosemite used to remember SSH keys added by command ssh-add -K <key>.
Unfortunately this way no longer works. Keys added to the keychain via ssh-add -K are not automatically re-added to the ssh-agent after a reboot. As Apple Developer stated:
'That’s expected. We re-aligned our behavior with the mainstream OpenSSH in this area.'
Solutions
Solution 1 (recommended)
Apple updated its Technical Notes to indicate that since 10.12.2, macOS includes version 7.3p1 of OpenSSH and its new behaviors.
In ~/.ssh, create a config file with the following content:
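The file content referred to here is not reproduced on this page. As an added example (not from the original), this shell function writes a client config block using OpenSSH's AddKeysToAgent and Apple's UseKeychain options; the helper name, the IgnoreUnknown line (which lets non-Apple ssh builds read the same file) and the key path are assumptions.

```shell
#!/bin/sh
# Added example: write the client options that load a key from the keychain
# into ssh-agent on first use. ensure_agent_config is a hypothetical name.
ensure_agent_config() {
    cfg=$1    # e.g. "$HOME/.ssh/config"
    key=$2    # e.g. "$HOME/.ssh/id_rsa" (assumed key path)
    dir=$(dirname "$cfg")

    # ssh ignores a config file that other users can write to.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$cfg" && chmod 600 "$cfg" || return 1

    # Leave an existing AddKeysToAgent setting alone; ssh uses the first
    # value it finds, so a second block would only add confusion.
    if grep -qi '^[[:space:]]*AddKeysToAgent' "$cfg"; then
        return 0
    fi

    # IgnoreUnknown must come before the option it excuses.
    cat >> "$cfg" <<EOF
Host *
  IgnoreUnknown UseKeychain
  UseKeychain yes
  AddKeysToAgent yes
  IdentityFile $key
EOF
}
# Usage on the Mac: ensure_agent_config "$HOME/.ssh/config" "$HOME/.ssh/id_rsa"
```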
Solution 2
After usage of ssh-add -K <key> (it's recommended to use absolute path of keys) call the command ssh-add -A on every startup of macOS.
To automate this, add a .plist with the following content to the path ~/Library/LaunchAgents/:
Alternatives
Create this file with the Lingon app.
Use curl to download the .plist file to the stated path:
Notes
If you have issues with ssh-add: illegal option -- K after using the ssh-add -K command, you may use the full path of the command /usr/bin/ssh-add.