Mac and SSH Keys

If you’re Web programming on a Mac and are moving data around using the SSH network protocol, it’s a good idea to setup an SSH key on the destination server. You’ll speed up your workflow by not having to enter a password each time.

Setting up a key is pretty easy. First create the key on your machine using Terminal:

ssh-keygen -t rsa -f ~/.ssh/id_rsa -C "me@mymachine"

Then, run this command to create a special directory on your server that is needed for SSH key authentication. The username must be the one you’re going to use for SVN, Capistrano, etc. You can have a key for each user, e.g. deploy.

ssh username@subdomain.host.com 'mkdir ~/.ssh;chmod 700 ~/.ssh'

Then deploy the key to your server using the username you want to associate with the key:

scp ~/.ssh/id_rsa.pub username@subdomain.host.com:~/.ssh/authorized_keys2

Warning: the above command should only be executed if you’re adding your key to an account which is not accessed by multiple machines or users (with different keys). If, on the other hand, you need more than one key authorized, you should run the above command but change the last item from ‘authorized_keys2′ to a temporary file name. Then SSH into the server and run

cat my_temp_file >> authorized_keys2

Lastly, update the permissions on the server for the authorized_keys file you just created:

ssh username@subdomain.host.com 'chmod 600 ~/.ssh/authorized_keys2'

Note: the above commands assume your destination machine is using the more secure, SSH2. For plain old SSH, just change ‘authorized_keys2’ to ‘authorized_keys’ above.

You’re done. To test everything is working, you can simply ssh username@host via Terminal. If you’re still getting a password prompt, then you may have missed something.