Add ssh key mac os

Manually generating your SSH key in macOS

You generate an SSH key through macOS by using the Terminal application. Once you upload a valid public SSH key, the Triton Compute Service uses SmartLogin to copy the public key to any new SmartMachine you provision.

Joyent recommends RSA keys because the node-manta CLI programs work with RSA keys both locally and with the ssh agent. DSA keys will work only if the private key is on the same system as the CLI, and not password-protected.

About Terminal

Terminal is the terminal emulator which provides a text-based command line interface to the Unix shell of macOS.

To open the macOS Terminal, follow these steps:

1. In Finder, choose Utilities from the Applications folder.
2. Find Terminal in the Utilities listw.
3. Open Terminal.

The Terminal window opens with the commandline prompt displaying the name of your machine and your username.

Generating an SSH key

An SSH key consists of a pair of files. One is the private key, which should never be shared with anyone. The other is the public key. The other file is a public key which allows you to log into the containers and VMs you provision. When you generate the keys, you will use ssh-keygen to store the keys in a safe location so you can bypass the login prompt when connecting to your instances.

To generate SSH keys in macOS, follow these steps:

Enter the following command in the Terminal window.

This starts the key generation process. When you execute this command, the ssh-keygen utility prompts you to indicate where to store the key.

Press the ENTER key to accept the default location. The ssh-keygen utility prompts you for a passphrase.

Type in a passphrase. You can also hit the ENTER key to accept the default (no passphrase). However, this is not recommended.

You will need to enter the passphrase a second time to continue.

After you confirm the passphrase, the system generates the key pair.

Your private key is saved to the id_rsa file in the .ssh directory and is used to verify the public key you use belongs to the same Triton Compute Service account.

	Never share your private key with anyone!

Your public key is saved to the id_rsa.pub ;file and is the key you upload to your Triton Compute Service account. You can save this key to the clipboard by running this:

Importing your SSH key

Now you must import the copied SSH key to the portal.

1. After you copy the SSH key to the clipboard, return to your account page.
2. Choose to Import Public Key and paste your SSH key into the Public Key field.
3. In the Key Name field, provide a name for the key. Note: although providing a key name is optional, it is a best practice for ease of managing multiple SSH keys.
4. Add the key. It will now appear in your table of keys under SSH.

Troubleshooting

You may see a password prompt like this:

This is because:

• You did not enter the correct passphrase.
• The private key on your Macintosh ( id_rsa ) does not match the public key stored with your Triton Compute Service account.
• The public key was not entered correctly in your Triton account.

What are my next steps?

In order to use the Terminal to create instances, set up triton and CloudAPI as well as the triton-docker commandline tool.

Источник

RTFM.WIKI

Ordnung muß sein. Ordnung über alles (18+)

Инструменты пользователя

Инструменты сайта

Боковая панель

Навигация

Линкшэринг

socialite Display:icon facebook twitter

ALARM!

Добавить новую страницу

Реклама

Содержание

SSH: подключение по ключу без пароля на примере macOS

Минимум теории и максимум хауту. За теорией лучше обратиться на сайт wikipedia или на ssh.com

Шаг 1. Создать пару ключей

Нужно создать пару ключей: приватный (закрытый) ключ и публичный (открытый) ключ. Приватный ключ никогда никуда никому не передавать. Публичный ключ можно показывать всем.

Пр желании можно дать ключу другое имя (ключ -f ), например id_rsa_server_vps13.

Следующий пункт passphrase. Это парольная фраза или проще говоря пароль для ключа.

Минусы. Его нужно будет вводить каждый раз, когда используется ключ.
Очевидный плюс. Если файл окажется в чужих руках без парольной фразы использовать его не получится. Ну и не стоит использовать пароли admin111 или qwerty123.

Шаг 2. Скопировать открытый ключ на удаленный хост

Как всегда в unix есть множество вариантов для этого.

Долгий путь

В macOS можно скопировать содержимое файла в буфер обмена с помощью pbcopy

Подключаемся к удаленному серверу, переходим в директорию .ssh и открываем (или создаем) файл authorized_keys.

Добавляем ключ из буфера обмена.

Кстати каждый ключ должен быть на отдельной строке. И никаких пустых строк между ключами.

ssh-copy-id

Начиная с Sierra утилита уже есть в составе системы и не нужно ставить с github или через homebrew.

или с указанием имени ключа

cat + ssh

Шаг 3. Локальный конфиг SSH и тест подключение

Добавим локальный файл конфигурации для SSH клиента в файл

Особый интерес представляют опции UseKeychain и AddKeysToAgent.

Пароль приватного ключа можно хранить в «Связке ключей» (Apple KeyChain). Один раз добавили и всё — больше никогда не надо вводить никаких паролей для подключения по ssh.

В каком-то релизе (Sierra? у меня не Linux, чтобы отслеживать это) всё сломали и Terminal теперь по-умолчанию не использует keychain.

Опция AddKeysToAgent вышла в OpenSSH 7.2 еще в 2016 году, но я узнал про нее только сейчас.

В клиент ssh добавлена опция AddKeysToAgent, управляющая передачей в ssh-agent закрытого ключа, используемого в процессе аутентификации. Опция может принимать значения ‘yes’, ‘no’, ‘ask’, и ‘confirm’ (по умолчанию ‘no’)

Что еще важного в ссылках выше?

Буду рад если кто-то более подробно разобрался в данном вопросе и дополнит заметку.

Источник

Generating a new SSH key and adding it to the ssh-agent

After you’ve checked for existing SSH keys, you can generate a new SSH key to use for authentication, then add it to the ssh-agent.

About SSH key generation

If you don’t already have an SSH key, you must generate a new SSH key to use for authentication. If you’re unsure whether you already have an SSH key, you can check for existing keys. For more information, see «Checking for existing SSH keys.»

If you want to use a hardware security key to authenticate to GitHub, you must generate a new SSH key for your hardware security key. You must connect your hardware security key to your computer when you authenticate with the key pair. For more information, see the OpenSSH 8.2 release notes.

If you don’t want to reenter your passphrase every time you use your SSH key, you can add your key to the SSH agent, which manages your SSH keys and remembers your passphrase.

Generating a new SSH key

Open Terminal Terminal Git Bash .

Paste the text below, substituting in your GitHub email address.

Note: If you are using a legacy system that doesn’t support the Ed25519 algorithm, use:

This creates a new SSH key, using the provided email as a label.

When you’re prompted to «Enter a file in which to save the key,» press Enter. This accepts the default file location.

At the prompt, type a secure passphrase. For more information, see «Working with SSH key passphrases.»

Adding your SSH key to the ssh-agent

Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed by macports, homebrew, or some other external source.

Start the ssh-agent in the background.

Depending on your environment, you may need to use a different command. For example, you may need to use root access by running sudo -s -H before starting the ssh-agent, or you may need to use exec ssh-agent bash or exec ssh-agent zsh to run the ssh-agent.

If you’re using macOS Sierra 10.12.2 or later, you will need to modify your

/.ssh/config file to automatically load keys into the ssh-agent and store passphrases in your keychain.

First, check to see if your

/.ssh/config file exists in the default location.

If the file doesn’t exist, create the file.

/.ssh/config file, then modify the file to contain the following lines. If your SSH key file has a different name or path than the example code, modify the filename or path to match your current setup.

Note: If you chose not to add a passphrase to your key, you should omit the UseKeychain line.

Note: If you see an error like this

add an additional config line to your Host * section:

Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_ed25519 in the command with the name of your private key file.

Note: The -K option is Apple’s standard version of ssh-add , which stores the passphrase in your keychain for you when you add an SSH key to the ssh-agent. If you chose not to add a passphrase to your key, run the command without the -K option.

If you don’t have Apple’s standard version installed, you may receive an error. For more information on resolving this error, see «Error: ssh-add: illegal option — K.»

Add the SSH key to your account on GitHub. For more information, see «Adding a new SSH key to your GitHub account.»

If you have GitHub Desktop installed, you can use it to clone repositories and not deal with SSH keys.

Ensure the ssh-agent is running. You can use the «Auto-launching the ssh-agent» instructions in «Working with SSH key passphrases», or start it manually:

Add your SSH private key to the ssh-agent. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_ed25519 in the command with the name of your private key file.

Add the SSH key to your account on GitHub. For more information, see «Adding a new SSH key to your GitHub account.»

Start the ssh-agent in the background.

Depending on your environment, you may need to use a different command. For example, you may need to use root access by running sudo -s -H before starting the ssh-agent, or you may need to use exec ssh-agent bash or exec ssh-agent zsh to run the ssh-agent.

Add your SSH private key to the ssh-agent. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_ed25519 in the command with the name of your private key file.

Add the SSH key to your account on GitHub. For more information, see «Adding a new SSH key to your GitHub account.»

Generating a new SSH key for a hardware security key

If you are using macOS or Linux, you may need to update your SSH client or install a new SSH client prior to generating a new SSH key. For more information, see «Error: Unknown key type.»

Insert your hardware security key into your computer.

Open Terminal Terminal Git Bash .

Paste the text below, substituting in the email address for your account on GitHub.

Note: If the command fails and you receive the error invalid format or feature not supported, you may be using a hardware security key that does not support the Ed25519 algorithm. Enter the following command instead.

When you are prompted, touch the button on your hardware security key.

When you are prompted to «Enter a file in which to save the key,» press Enter to accept the default file location.

When you are prompted to type a passphrase, press Enter.

Add the SSH key to your account on GitHub. For more information, see «Adding a new SSH key to your GitHub account.»

Help us make these docs great!

All GitHub docs are open source. See something that’s wrong or unclear? Submit a pull request.

Источник

Set up an SSH key

When you set up SSH key, you create a key pair that contains a private key (saved to your local computer) and a public key (uploaded to Bitbucket). Bitbucket uses the key pair to authenticate anything the associated account can access. This two-way mechanism prevents man-in-the-middle attacks.

This first key pair is your default SSH identity. If you need more than a default identity, you can set up additional keys.

For security reasons, we recommend that you generate a new SSH key and replace the existing key on your account at least once a year.

You can’t use the same key between accounts. You must create new keys for each individual Bitbucket account.

Set up SSH for Git on Windows

Use this section to create a default identity and SSH key when you’re using Git on Windows. By default, the system adds keys for all identities to the /Users/ /.ssh directory.

Step 1. Set up your default identity

From the command line, enter ssh-keygen .

For Windows 7 or earlier

You can only enter ssh-keygen into the Git Bash window. It won’t work in the Command prompt.

The command prompts you for a file to save the key in:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/c/Users/emmap1/.ssh/id_rsa):

2. Press enter to accept the default key and path, /c/Users/ /.ssh/id_rsa .

We recommend keeping the default key name unless you have a reason to change it. To create a key with a non-default name or path, specify the full path to the key. For example, to create a key called my-new-ssh-key , enter the Windows path, shown here:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/c/Users/emmap1/.ssh/id_rsa): c:\Users\emmap1\.ssh\my-new-ssh-key

3. Enter and re-enter a passphrase when prompted.

The command creates your default identity with its public and private keys. The whole interaction looks similar to this:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/c/Users/emmap1/.ssh/id_rsa):
Created directory ‘/c/Users/emmap1/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /c/Users/emmap1/.ssh/id_rsa.
Your public key has been saved in /c/Users/emmap1/.ssh/id_rsa.pub.
The key fingerprint is: e7:94:d1:a3:02:ee:38:6e:a4:5e:26:a3:a9:f4:95:d4 emmap1@EMMA-PC

4. List the contents of .ssh to view the key files.

You should see something like the following:

$ dir .ssh
id_rsa id_rsa.pub

The command displays two files, one for the public key (for example id_rsa.pub ) and one for the private key (for example, id_rsa ).

Step 2. Add the key to the ssh-agent

If you don’t want to type your password each time you use the key, you’ll need to add it to the ssh-agent.

To start the agent, run the following:

$ eval $(ssh-agent)
Agent pid 9700

Enter ssh-add followed by the path to the private key file:

Step 3. Add the public key to your Account settings

From Bitbucket, choose Personal settings from your avatar in the lower left.

Click SSH keys. If you’ve already added keys, you’ll see them on this page.

Open your .ssh/id_rsa.pub file (or whatever you named the public key file) and copy its contents.
You may see an email address on the last line. It doesn’t matter whether or not you include the email address.

From Bitbucket, click Add key.

Enter a Label for your new key, for example, Default public key .

Paste the copied public key into the SSH Key field.

Click Save.
Bitbucket sends you an email to confirm the addition of the key.

Return to the command line and verify your configuration and username by entering the following command:

$ ssh -T git@bitbucket.org

The command message tells you which of your Bitbucket accounts can log in with that key.

If you get an error message with Permission denied (publickey) , check the Troubleshoot SSH issues page for help.

Now that you’ve got an SSH key set up, use the SSH URL the next time you clone a repository. If you already have a repository that you cloned over HTTPS, change the remote URL for your repository to its SSH URL.

Edit an SSH key

After you add a key, you can edit the key’s Label but not the key itself. To change the key’s contents, you need to delete and re-add the key.

Set up SSH on macOS/Linux

Use this section to create a default identity and SSH key on macOS or Linux. By default, the system adds keys to the /Users/ /.ssh directory on macOS and /home/ /.ssh on Linux.

Step 1. Set up your default identity

1. From the terminal, enter ssh-keygen at the command line.
The command prompts you for a file to save the key in:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/emmap1/.ssh/id_rsa):

2. Press the Enter or Return key to accept the default location.

We recommend you keep the default key name unless you have a reason to change it.

To create a key with a name or path other than the default, specify the full path to the key. For example, to create a key called my-new-ssh-key , enter a path like the one shown at the prompt:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/emmap1/.ssh/id_rsa): /Users/emmap1/.ssh/my-new-ssh-key

3. Enter and re-enter a passphrase when prompted.
The command creates your default identity with its public and private keys. The whole interaction will look similar to the following:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/emmap1/.ssh/id_rsa):
Created directory ‘/Users/emmap1/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/emmap1/.ssh/id_rsa.
Your public key has been saved in /Users/emmap1/.ssh/id_rsa.pub.
The key fingerprint is:
4c:80:61:2c:00:3f:9d:dc:08:41:2e:c0:cf:b9:17:69 emmap1@myhost.local
The key’s randomart image is:
+—[ RSA 2048]—-+
|*o+ooo. |
|.+.=o+ . |
|. *.* o . |
| . = E o |
| o . S |
| . . |
| . |
| |
| |
+——————+

4. List the contents of

/.ssh to view the key files.

/.ssh
id_rsa id_rsa.pub

The command displays two files, one for the public key (for example id_rsa.pub ) and one for the private key (for example, id_rsa ).

Step 2. Add the key to the ssh-agent

If you don’t want to type your password each time you use the key, you’ll need to add it to the ssh-agent.

To start the agent, run the following:

$ eval `ssh-agent`
Agent pid 9700

Enter ssh-add followed by the path to the private key file:

macOS $ ssh-add -K

(macOS only) So that your computer remembers your password each time it restarts, open (or create) the

/.ssh/config file and add these lines to the file:

Step 3. Add the public key to your Account settings

From Bitbucket, choose Personal settings from your avatar in the lower left.

Click SSH keys.
If you’ve already added keys, you’ll see them on this page.

In your terminal window, copy the contents of your public key file. If you renamed the key, replace id_rsa.pub with the public key file name.

On Linux, you can cat the contents:

On macOS, the following command copies the output to the clipboard:

Select and copy the key output in the clipboard.
If you have problems with copy and paste, you can open the file directly with Notepad. Select the contents of the file (just avoid selecting the end-of-file characters).

From Bitbucket, click Add key.

Enter a Label for your new key, for example, Default public key .

Paste the copied public key into the SSH Key field.
You may see an email address on the last line when you paste. It doesn’t matter whether or not you include the email address in the Key.

Click Save.
Bitbucket sends you an email to confirm the addition of the key.

Return to the terminal window and verify your configuration and username by entering the following command:

$ ssh -T git@bitbucket.org

The command message tells you which of your Bitbucket accounts can log in with that key.

If you get an error message with Permission denied (publickey) , check the Troubleshoot SSH issues page for help.

Now that you’ve got an SSH key set up, use the SSH URL the next time you clone a repository. If you already have a repository that you cloned over HTTPS, change the remote URL for your repository to use its SSH URL.

Edit an SSH key

After you add a key, you can edit the key’s Label but not the key itself. To change the key’s contents, you need to delete and re-add the key.

Set up SSH with Sourcetree on Windows

Use this section to generate an SSH key using Sourcetree. When you create an SSH key with Sourcetree, you can save the public and private key wherever you want locally. You may want to create an SSH directory when you do, so that you can refer to your SSH keys whenever you need them.

Step 1. Install Sourcetree and add your Bitbucket account

If you don’t yet have Sourcetree, go to https://www.sourcetreeapp.com/ and click the Download free button.

Click the .exe file to install Sourcetree. Refer to the Install Sourcetree page for more details.

You may see the Load SSH Key? dialog after installation. Click No if you don’t have one and want to use Sourcetree to create one.

Add your account and select SSH as the Preferred Protocol. If you don’t connect your account during set up, click Remote to open the Remote repositories page and click Add an account.

Step 2. Create an SSH key

From Tools, select Create or Import SSH Keys.

From the PuTTY Key Generator dialog, click the Generate button.

As the SSH key generates, hover your mouse over the blank area in the dialog. It may take a minute or two.
When SSH key generation is complete, you see the public key and a few other fields.

Enter a passphrase for your SSH key in the Key passphrase and Confirm passphrase fields.

Click Save public key. From the save dialog, choose where to save your public key, name the file with the .pub file extension, and click Save.

Click Save private key. From the save dialog, choose where to save your private key, name the file, and click Save.

Close the PuTTY Key Generator dialog.

Step 3. Install your private key on Pageant

Sourcetree comes with an SSH authentication agent called Pageant. Load your private key into Pageant to automatically authenticate so that you don’t need to enter your passphrase.

Double-click the Pageant (PuTTY Authentication Agent) icon in your system tray to open the Pageant Key List dialog.

Click the Add Key button to open the Select Private Key File dialog.

Navigate to the private key file you saved in Step 1 and click Open.

Enter the passphrase for your SSH key and click OK.
Pageant shows your key in the running list.

Click Close.

Step 4. Add the public key to your Account settings

From Sourcetree, open the PuTTY Key Generator dialog by going to Tools > Create or Import SSH Keys.

Click Load, navigate to your SSH folder, and click the private key. Make sure you’re looking at All files if you don’t see your private key.

Enter your passphrase for the SSH key and click OK.

Copy the public key in the first field.

From Bitbucket, choose Personal settings from your avatar in the lower left.
The Account settings page opens.

Click SSH keys.
If you’ve already added keys, you’ll see them on this page.

Click Add key.

Enter a Label for your new key, for example, Default public key .

Paste the copied public key into the SSH Key field.

Click Save.
Bitbucket sends you an email to confirm the addition of the key.

Now that you’ve got an SSH key set up, use the SSH URL the next time you clone a repository. If you already have a repository that you cloned over HTTPS, change the remote URL for your repository to its SSH URL.

Edit an SSH key

After you add a key, you can edit the key’s Label but not the key itself. To change the key’s contents, you need to delete and re-add the key.

Set up SSH with Sourcetree on macOS

When you create an SSH key with Sourcetree on macOS, you can only create one key. You’ll need to use the command line if you want additional keys.

Step 1. Install Sourcetree and add your Bitbucket account

If you don’t yet have Sourcetree, go to https://www.sourcetreeapp.com/ and click the Download free button.

Open the ZIP file to install Sourcetree. Refer to the Install Sourcetree page for more details.

If you don’t connect your account during set up, you can add it from the Accounts tab by selecting Preferences from the Sourcetree menu.

Step 2. Create an SSH key

Follow these steps if you don’t already have an SSH key for an account. If you do have an SSH key and you want to generate another key, you’ll have to use the terminal because you can’t use Sourcetree to create a second key.

Creating an SSH key looks something like this:

From the Sourcetree menu, select Preferences.

Click the Accounts tab, select the account where you want to add the SSH key and click Edit.

Change the Protocol to SSH if it’s not already selected.

Hold down the OPTION key on your keyboard to see the Generate Key button.

If you’ve already generated an SSH key for this account from Sourcetree, the OPTION key won’t do anything. Use your existing key or generate another key from the terminal.

Click Generate Key.

Enter a passphrase for the SSH key in the Passphrase and Confirm Passphrase fields.

Click Create.

Step 3. Add the public key to your Account settings

From Bitbucket, choose Personal settings from your avatar in the lower left.
The Account settings page opens.

Click SSH keys.
If you’ve already added keys, you’ll see them on this page.

Select your account from your Accounts tab in Sourcetree.

Click the Copy to Clipboard button to copy your public SSH key.

From Bitbucket, click Add key.

Enter a Label for your new key, for example, Default public key .

Paste the copied public key into the SSH Key field.

Click Save.
Bitbucket sends you an email to confirm the addition of the key.

Now that you’ve got an SSH key set up, use the SSH URL the next time you clone a repository. If you already have a repository that you cloned over HTTPS, change the remote URL for your repository to its SSH URL.

Edit an SSH key

After you add a key, you can edit the key’s Label but not the key itself. To change the key’s contents, you need to delete and re-add the key.

Источник