-
-
Save thomasgroch/2ffbaeebd1d1f15085898fed67e39153 to your computer and use it in GitHub Desktop.
RSA with PKCS encryption and Mavericks support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create a rsa key with 4096 bit encryption. This is far more secure than 2048. | |
# The email is just a plain comment. Make sure you enter a passphrase! | |
ssh-keygen -t rsa -b 4096 -C "your_email@example.com" | |
# The basic passphrase security is rather bad and easy to break. Read the following article why: | |
# http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html | |
mv id_rsa id_rsa.old | |
openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa.old -out ~/.ssh/id_rsa | |
chmod 600 ~/.ssh/id_rsa | |
# Now you have an encrypted and rather difficult to break key. | |
# On MacOS Mavericks you will have a heard time getting things to work. I found this article and it seems to work: | |
# http://apple.stackexchange.com/questions/106364/osx-ssh-agent-no-password-pasting-and-problem-with-pkcs8 | |
brew update | |
brew install openssl | |
brew link openssl --force | |
brew install openssh | |
# Now everything should be working again |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment