macOS is capable of working with SSH keys. Jack Wallen shows you how to generate the necessary keys and copy them to a server.
SSH key authentication is one way to better secure your remote sessions between two machines. This type of authentication depends upon a pair of keys that are generated by the user on the client machine. On Linux, this task is incredibly straightforward. With macOS, the process is just as easy. So easy, that it can be handled by just about anyone.
I want to walk you through the process of generating SSH keys on macOS Mojave and then show you how to copy the key to a remote server, for more secure connections between the two machines. The process should only take you a couple of minutes.
SEE: Information security policy template download (Tech Pro Research)
Open the terminal app
This task will be done via the macOS terminal application. To open that app, click on the Launchpad icon on your Dock and search for terminal. When that app appears, open it with a single click.
Generating the SSH keys
From the terminal window, issue the following command:
ssh-keygen -t rsa
Accept the default directory (Figure A) by using the Enter key on your keyboard.
You will be prompted to enter a new passphrase for the key (Figure B). Make sure to enter a strong and unique password for the keys.
Once you type and verify your password, SSH will generate a randomart image for your key (Figure C) and hand you back the prompt.
This process will create two keys in the /Users/USERNAME/.ssh directory (where USERNAME is your macOS username). Those keys are:
The file ending in .pub is the public key. This is the key that you can share with other users. The other key, id_rsa, is your private key. Never share that key. Never. Ever.
Copy your key to a server
Now that you have the key pair, how do you use them? Here's the simplest and most oft-used method of using SSH keys. You want to copy the key to a remote server so that you can use SSH key authentication (instead of the weaker password authentication). Fortunately, SSH has a built-in mechanism for copying that key. Say the remote server in question is at IP address 192.168.1.12 and the username is jack. To copy the key to that server, issue the command (from macOS):
You will first be prompted to see if you want to continue with the connection. Type y and hit Enter. Next, you'll be prompted for the remote user's password. Upon successful authentication, the keys will be copied and you're ready to log into the remote server, using SSH key authentication. To log in to the remote server, type the command (substituting your username and IP address as needed):
Instead of being prompted for the user's password, you'll be prompted for the passphrase for the SSH key (Figure D).
Congratulations, you not only generated SSH keys on macOS, but you also copied those keys to a remote server for more secure connection.
- How to copy a file between two remote SSH servers (TechRepublic)
- How to use SSH to proxy through a Linux jump host (TechRepublic)
- How to connect to VNC using SSH (TechRepublic)
- How to combine SSH key authentication and two-factor authentication on Linux (TechRepublic)
- New macOS security flaw lets malicious apps steal your Safari browsing history (ZDNet)
- What is SDN? How software-defined networking changed everything (ZDNet)
- The Best VPN services for 2019 (CNET)
- 5G: More must-read coverage (TechRepublic on Flipboard)