SSH instruction (macOS)

# SSH instruction (macOS) SSH keys are used to secure and passwordless access to remote server, GitHub/GitLab etc. Public key for sharing, private key protected with password and stored locally. Private key used for verification of public key. With macOS you can store password of private key unlock in Keychain. ### Generate new key pair. You can change filename and comment `ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "comment"` > this command generate two files (public and private keys) and put it inside .ssh folder of current user (~/.ssh) ### Show public key in Terminal, where from you can copy it manually `cat ~/.ssh/id_ed25519.pub` ### Copy public key to clipboard `cat ~/.ssh/id_ed25519.pub | pbcopy` ### Upload public key to the *server*. First time you need to login to the server with password `ssh-copy-id -i ~/.ssh/id_ed25519.pub user@server` > Autorized public keys stored in file ~/.ssh/authorized_keys on the remote host ### Add identity (private key) to Keychain and load into SSH-agent `ssh-add -K ~/.ssh/id_ed25519` ### List of already loaded keys into Terminal session (with SSH-agent) `ssh-add -l` ### One command what put default settings to ~/.ssh/config (attention, will rewrite file if existed) ``` echo "Host * AddKeysToAgent yes UseKeychain yes ForwardAgent yes IdentityFile ~/.ssh/id_ed25519" ~/.ssh/config ``` > ~/.ssh/config are very handy and provide some automazation and magic, this sample set your private key id_ed25519 as default key for all hosts what not configured in other way, also load key automatically to key-agent, use password of private key unlock from Keychain and use ForwardAgent for nested SSH connection with your key, where you can connect from one server to another. > Config file can consist all your remotes with synonyms, remote hosts also can have custom configurations and different keys. ### (optional) *This one-time command setup SSH-agent to automatically starts in background with first Terminal activation, where can be used in all next Terminal sessions. Alternative of using ~/.ssh/config* `echo 'eval $(ssh-agent)' >> ~/.bash_profile` *Load all all private keys (identities) automatically with first Terminal activation* `echo 'ssh-add -A' >> ~/.bash_profile` *Manual starting of the SSH-agent in background* `eval 'ssh-agent'` *Load all private keys (identities) what stored in your keychain.* `ssh-add -A`