MacOS – SSH access using .pub key

macossshterminal

I don't know if I'm overthinking this too much but I can't seem to understand how to use a ssh public key to create an ssh connection trough my mac.

I'll list my steps bellow:

First created the SSH keys in my server in cpanel -> SSH keys and created a key pair with name id_rsatest
Then I downloaded to my mac both public and private key files, so now in my downloads folder I have the files: id_rsatest and id_rsatest.pub
Then I moved the id_rsatest.pub file to Users/myuser/.ssh/ and opened Terminal.app -> Shell -> New Remote Connection and entered the information below:

and receive this error:
```
ssh: connect to host example.com port 22: Operation timed out
[Process completed]
```

What am I doing wrong? Is this even the way on how to create a SSH access with SSH keys?

Best Answer

You got it the wrong way round :-)

create a key pair on the Mac you are using
put both id_rsa.pub and id_rsa into ~/.ssh and run chmod 600 id_rsa
append the generated public key (id_rsa.pub) to .ssh/authorized_keys on the remote machine (your server in this case). If you are allowed to login in via ssh using a password, use
```
ssh remoteuser@remotemachine "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
```
otherwise transfer the file by whatever means you have to upload files.
run ssh remoteuser@remotemachine in your shell to connect

PS: The private key should never need to leave the machine it's generated on

Related Solutions

What apps/programs/daemons on OS X use the ~/.ssh/id_rsa* keys

To be honest the question is a little bit huge. Your ssh keys could have been generated if you activated the sshd (Remote Login) from the sharing preference pane; as to what could have used (or uses them), it’s any program (like Git, Subversion, SFTP, etc) that requires ssh access. Not sure exactly which one could have generated for you, but you can always remove them and see what fails (save a backup!).

Password dialog appears when SSH private key permissions are set to 0600

Make sure you have a corresponding id_rsa.pub or id_dsa.pub in your ~/.ssh directory.

When I had an id_rsa but not a corresponding id_rsa.pub, Mac OS X kept popping up the dialog and remember passowrd in my keychain did nothing.

cd ~/.ssh
ssh-keygen -y -f id_rsa > id_rsa.pub

generated the appropriate public key file for me.

If you already had your public file there (rename it to another name) and generate the public key again using the above command, you'll notice that the generated and the old one are not equal. Somehow the older versions of Mac OS X generated a public key that Lion does not like anymore, generating it again fixes that.

For the curious, the key is exactly the same, the part that changes is that there is no "comments" section after the key on the file any longer.

Best Answer

Related Solutions

What apps/programs/daemons on OS X use the ~/.ssh/id_rsa* keys

Password dialog appears when SSH private key permissions are set to 0600

Related Question