Skip to content

Instantly share code, notes, and snippets.

@HintikkaKimmo

HintikkaKimmo/working_with_ssh.md

Last active September 1, 2017 19:43
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save HintikkaKimmo/850d71d85f0ae90e80b2169b075ed319 to your computer and use it in GitHub Desktop.
Save HintikkaKimmo/850d71d85f0ae90e80b2169b075ed319 to your computer and use it in GitHub Desktop.
Download ZIP
Instrucition on working with SSH keys
Raw
working_with_ssh.md

Generating a new SSH key

Open Terminal.

Paste the text below, substituting in your email address.

ssh-keygen -t rsa -b 4096 -C "your_email@example.com" This creates a new ssh key, using the provided email as a label.

Generating public/private rsa key pair. When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location.

Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter] At the prompt, type a secure passphrase. For more information, see "Working with SSH key passphrases". Enter passphrase (empty for no passphrase): [Type a passphrase] Enter same passphrase again: [Type passphrase again] Adding your SSH key to the ssh-agent

Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed by macports, homebrew, or some other external source.

Start the ssh-agent in the background.

eval "$(ssh-agent -s)" Agent pid 59566 If you're using macOS Sierra 10.12.2 or later, you will need to modify your ~/.ssh/config file to automatically load keys into the ssh-agent and store passphrases in your keychain.

Host * AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_rsa Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_rsa in the command with the name of your private key file.

$ ssh-add -K ~/.ssh/id_rsa

Adding or changing a passphrase

You can change the passphrase for an existing private key without regenerating the keypair by typing the following command:

ssh-keygen -p

Start the SSH key creation process

Enter file in which the key is (/Users/you/.ssh/id_rsa): [Hit enter] Key has comment '/Users/you/.ssh/id_rsa' Enter new passphrase (empty for no passphrase): [Type new passphrase] Enter same passphrase again: [One more time for luck] Your identification has been saved with the new passphrase. If your key already has a passphrase, you will be prompted to enter it before you can change to a new passphrase.

Saving your passphrase in the keychain

On OS X Leopard through OS X El Capitan, these default private key files are handled automatically:

.ssh/id_rsa .ssh/id_dsa .ssh/identity The first time you use your key, you will be prompted to enter your passphrase. If you choose to save the passphrase with your keychain, you won't have to enter it again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment