Creating SSH Keys on Mac OSX

I use ssh a lot. I configure and update my Ubiquiti Edgerouter using it, upload files to my synology nas with it, and I use it to check on my pi servers. Having to type my password in every time is a pain, not to mention not the most secure.

SSH keys greatly simplify the connection process and improve security. With ssh keys we generate a key pair; a private key and a public key. The private key is stored locally on our machine while the public key is on the server we want to connect to. OSX and Linux come with the OpenSSH suite of tools already installed so the process is simple and fast.

To start launch terminal and run: ssh-keygen.

The first thing it will do is prompt you to select a location for the keys.

Generating public/private rsa key pair.  
Enter file in which to save the key (/home/username/.ssh/id_rsa):

The default location for keys is in the ~/.ssh directory. Keeping the default directory will allow us to connect automatically because that’s where OSX will look when authenticating. Hit ENTER to keep the default location.

Next we’ll be asked to create an optional passphrase.

Created directory '/home/username/.ssh'.  
Enter passphrase (empty for no passphrase):

If you enter a passphrase, you will have to provide it every time you use this key, unless you are running PuTTy or another SSH agent software that stores the decrypted key. Its safer to use a passphrase, but you can press ENTER to skip it.

You should now see something like this:

Your identification has been saved in /Users/alek/.ssh/id_rsa.
Your public key has been saved in /Users/alek/.ssh/id_rsa.pub.  

The key fingerprint is:  
SHA256:2wzy6c5Sa9d4e1589026zS11zhs4bDlSdFt0 alek@zMacBook.zNet. 
The key's randomart image is:  
+--[ RSA 2048]----+  
|     ..o         |  
|   E o= .        |  
|    o. o         |  
|        ..       |  
|      ..S        |  
| + . =o.*... o   |  
|   =o.+.         |  
|. =++..          |  
|o=++.            |  
+-----------------+

Obviously, your directory and fingerprint will be different, but the premise is the same. Your private key will be named id_rsa and your public will be id_rsa.pub. You can now copy your public key to your server and automate the connection proccess.