Mac OS X: How To Generate SSH Keys

If you use the Terminal for any amount of work, sooner or later you will probably come across the need to use SSH. SSH is a transfer protocol used to send data securely over the internet. It stands for Secure Shell. SSH has the ability to use keys, which will allow one computer to access another computer using really long encrypted password. Keys are considered more secure than passwords because they are much longer in length and can not be easily broken via brute force methods, like most passwords can.

Mac OS X is built on UNIX, and has SSH installed on all versions of Mac OS X by default. No extra software is necessary to use SSH on Mac OS X. But to generate an SSH key on Mac OS X takes a few steps.

Step 1: Open Terminal

First, open the Terminal app on your computer. The Terminal app resides in /Applications/Utilities. The easiest way to launch it is to open Spotlight with Command-Spacebar, and then start typing Terminal. You should see the app as the top selection. Click enter to launch it.

Screen Shot 2014 12 14 at 9.50.40 AM Mac OS X: How To Generate SSH Keys

The Terminal should open using your home directory as the default directory, but in case it doesn’t, do this:

cd ~/

Step 2: Check for existing keys

Now, inside your home directory, let’s see if you have any SSH keys already created:

ls -al ~/.ssh

If this is a brand new installation of Mac OS X, the .ssh directory might not even exist. (Pro Tip: Directories that have a period in front of them are hidden by default, meaning, you won’t see them listed in the Finder.)

If you have any keys already created, most likely they would be files listed with a “.pub” extension. Some default key file names are:

  • id_dsa.pub
  • id_ecdsa.pub
  • id_ed25519.pub
  • id_rsa.pub

If you don’t have any keys already created, go to the next step to create one.

Step 3: Generate a new SSH key

In the terminal, enter this command:

ssh-keygen -t rsa -C "your_email@example.com"

Substitute your email address for the one listed above.

Hit enter, and you should see the following message returned:

# Creates a new ssh key, using the provided email as a label
# Generating public/private rsa key pair.
# Enter file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]

Press enter to create a key using the default settings.

Next, you will be asked to enter a passphrase. A passphrase is essentially a password that will be used every time the key itself is used. It’s another layer of security. You can hit enter and bypass using a passphrase, but you are effectively limiting how secure your connection will be. Keys can be stolen, and without a passphrase, someone could use your keys without any consequence. If you forgo using the passphrase, be warned.

Enter passphrase (empty for no passphrase): [Type a passphrase] # Enter same passphrase again: [Type passphrase again]

Once you enter your passphrase (or click enter to bypass entering a passphrase) you should see a confirmation that your key has been created, which will look something like this:

Your identification has been saved in /Users/you/.ssh/id_rsa.
# Your public key has been saved in /Users/you/.ssh/id_rsa.pub.
# The key fingerprint is:
# 01:0f:f4:3b:ca:85:d6:17:a1:7d:f0:68:9d:f0:a2:db your_email@example.com

Step 4: Move key to remote server

Now that you have created a key, let’s move it to a remote server so we can connect to it.

First you will need to know the username of the account on the remote machine you will be connecting to, and you will need to know the remote machines address (either a fully qualified domain name, or an IP address).

Now, in the terminal, you will issue this command:

cat ~/.ssh/id_rsa.pub | ssh user@123.45.56.78 "mkdir -p ~/.ssh && cat >>  ~/.ssh/authorized_keys"

If you are on a Linux system, you can try the following shortened command that does the same thing.

ssh-copy-id user@123.45.56.78

To test that everything worked correctly, try to initiate an SSH session from your machine to the remote machine via the terminal. If it works, you should be prompted for your passphrase (unless you opted not to enter one) and once entered correctly, be looking at the prompt for a shell on the remote machine.


Category: OS X,Tutorial,UNIX,Web Development

Web Development on the Mac: Part 2 – MySQL

Installing MySQL on OS X can be as easy or as complex as you want it to be. On the complex side, since OS X is UNIX, you could install from source and build your own package. Or your could use the Homebrew package manager to install completely from the command line.

The easiest way to get MySQL installed on OS X is to use the packages built by MySQL. The packages are offered up in tarball or in DMG. Getting the DMG is going to give you the most ‘Mac’ like install. For the purpose of simplicity, this is the method we will use in this example. (more…)


Category: PHP,Tutorial,UNIX,Web Development

Web Development on the Mac: Part 1

Mac OS X has been my platform of choice for web developmet since the release of OS X 10.2. The UNIX underpinnings of the OS and the inclusion of Apache, PHP and other web technologies, coupled with other tools like Photoshop and an wide array of high quality text editors and IDEs make OS X a stellar platform for building websites and web applications.

This article will guide you through the many options you have in setting up a killer, comprehensive platform for building web apps. (more…)


Category: PHP,UNIX,Web Development

Updating WordPress on Mac OS X Server

About the only thing I miss about hosting my sites on a Linux webhost running Cpanel is the ability to auto update WordPress sites with one click. Granted, my experience with WordPress auto update is a mixed bag. When it works, it is all kinds of awesome. When it doesn’t, it leaves your site inaccessible while you figure out exactly what went wrong and how to fix it.

Since I’ve moved my webhosting to my own colocated Mac mini, I’ve missed the ease of auto updating my WordPress sistes. Downloading the latest WordPress update is such a pain, especially when you have to update several sites each time an update is released. Thankfully, with a little command line code, you can perform this action quite quickly and easily.

First start by SSHing in to your Mac OS X Server. Once in, you will use the ‘curl’ command to download the latest version of WordPress. Thankfully, WordPress keeps it’s latest version at the same URL regardless of version number, so once you make note of this URL, it shouldn’t change.

curl -O http://wordpress.org.latest.zip

Once the download is complete, unzip the archive.

unzip latest.zip

Then change your directory to the wordpress folder.

cd wordpress

Now, the final piece is to copy the files in the WordPress folder to the location of your WordPress install. When you do this, make sure you use the ‘-pr’ modifier for the copy command so the copy maintains permissions (-p) and is recursive (-r).

cp -pr * /Library/Webserver/Sites/your-website-name/.

That’s it. You’re done. One of the nice things about the *NIX copy command is that it won’t obliterate directories on the destination if they aren’t present in the source directory. So when you copy the wp-content to the new location, your themes and plugins are all left intact.

In our next tip, we’ll show you how to combine all of these steps in to one script and further automate it.


Category: PHP,Tutorial,UNIX,Wordpress

Wget for Snow Leopard

For the Mac OS X 10.6 Snow Leopard release, Apple removed and/or deprecated a number of command line tools. One of these is Wget. Wget is a command line tool for retrieving files from HTTP, HTTPS and FTP. Apple’s logic in removing Wget lies around the command line tool, Curl, which does pretty much the same thing as Wget.

However, if you need Wget, you’re in luck. Andrew Merenbach has created a package installer for Mac OS X 10.5 or higher. You can download it here.


Category: UNIX

About the author

A user of Macs since they had silly names like Performa and Centris, Theodore Lee is a techie who prides himself on his vast knowledge of all things Apple. OS X Factor was started in 2001 (originally as macosxcentric), and continues to churn out tips, tutorials, reviews and commentary on the tech sector.