MacOS – Why does Mountain Lion ask me for the password when trying to SSH even though I have setup public/private keys

macosssh

On Mac OS X Mountain Lion (10.8) I have setup public/private keys for passwordless SSH to another Mountain Lion machine but when I try to SSH to the other machine it still asks for my password. I have verified permissions of the ~/.ssh directory and the ~/.ssh/authorized_keys2 file are correct. Verbose output from ssh -vvv my.server.com does not show any type of failure and there is nothing indicating a failure in the /var/log/system.log.

My keys work fine when connecting to Linux and Mac OS X Lion (10.7) machines.

Best Answer

In Mountain Lion the sshd configuration (/etc/sshd_config) was changed and sshd no longer looks at ~/.ssh/authorized_keys2 for valid keys.

/etc/sshd_config on Lion (line 46):

#AuthorizedKeysFile     .ssh/authorized_keys

/etc/sshd_config on Mountain Lion (line 48):

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile      .ssh/authorized_keys

If you don’t wish to edit the /etc/sshd_config on the target machine you can either rename ~/.ssh/authorized_keys2 to ~/.ssh/authorized_keys or symlink it.

Symlink ~/.ssh/authorized_keys to ~/.ssh/authorized_keys2

ln -s ~/.ssh/authorized_keys ~/.ssh/authorized_keys2

Rename ~/.ssh/authorized_keys2

mv ~/.ssh/authorized_keys2 ~/.ssh/authorized_keys
Related Question