GuidesSaving ssh Keys on Mac OS X Leopard

Saving ssh Keys on Mac OS X Leopard

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




If you regularly log into lots of machines on external networks, it’s a
good idea to have SSH keys. Using ssh-agent, you can avoid having to
type in a passphrase for each login. Helpfully, since the Leopard release on
Mac OS X this functionality is built straight in, making your life even
easier.

Tip of the Trade: ssh-agent makes it possible to avoid having to
type in a passphrase for each login. Helpfully, since the Leopard release on
Mac OS X this functionality is built straight in.

The $SSH_AUTH_SOCK variable is set automatically (check
this with echo $SSH_AUTH_SOCK). Then launched is used to
listen for SSH connections and launch ssh-agent when needed. You’re
then challenged for your password (using a secure text field, another security
advantage) and given the option of storing it in your keychain. If you
choose to do this, you’ll never need to type your key passphrase again. Just unlock your master keychain to access it.

Setting this up is straightforward. First, generate a keypair on your
local machine:

ssh-keygen -t rsa -f ~/.ssh/mykey

Next, open up a connection to the remote machine and copy the contents of the
local file ~/.ssh/mykey.pub to the remote file
~/.ssh/authorized_keys. This file can contain multiple keys, but
each must be on a single line. Note also that both the ~/.ssh
directory and the ~/.ssh/authorized_keys file must be readable (and
executable in the case of the directory) only by that user.

Close the connection, then reconnect:

ssh remote.example.com -i ~/.ssh/mykey

You’ll be challenged for your passphrase; tick the “save in my keychain” box.
Then log out of the remote machine and back in for a third time, and this time
you won’t have to enter any password.

Next time you log onto your Mac, you’ll be challenged for your keychain
password the first time you use one of the keys in your keychain. After that,
all keys saved in the keychain will Just Work, easing the pressure on your
typing fingers.

Juliet Kemp has been messing around with Linux systems, for financial reward and otherwise, for about a decade. She is also the author of “Linux System Administration Recipes: A Problem-Solution Approach” (Apress, 2009).

Follow ServerWatch on Twitter

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories