Mastering SSH Key Management on macOS: A Comprehensive Tutorial
15:52, 18.12.2023
SSH or Secure Shell is a specific secure protocol that helps admins to safely connect to remote devices. The protocol functions due to certain utilities and cryptographic network protocol. SSH keys are used to encrypt the remote connection within the system, and they consist of private and public pairs of keys. In such a way the authentication is created between the remote device and the user.
SSH keys are really helpful in lots of situations where it is a necessity to use a secured network. In addition to providing secure remote connections, SSH also provides strong data encryption during file transfers or even when managing infrastructure components.
Speaking about the functioning of the process, there are 3 important layers which every SSH connection comes through:
- Transport. This layer works by ensuring a secure connection between the SSH server and the client.
- Authentication. It functions by sending a specific authentication method to the user.
- Connection. After the completion of the successful authentication, this layer manages the connection between the server and the client.
To get a proper connection with the SSH server, first, the request initiation should be sent by the client to the server. Encryption starts right away when a server gets this request. After that, the user gets the public key from the server and the key is applied to verify the server’s identity. The last step before the actual login to the server is the parameters’ negotiation and creation of the secure channel.
Now let’s dive into more practical recommendations of how to create keys, adjust permissions, and more.
Creating SSH Keys on macOS
On the Mac system, SSH is disabled by default, so let’s review the whole process. Start with opening the Terminal. You can find it in the utilities and once found, enable SSH by the following command:
sudo systemsetup -setremotelogin on
After entering this line, it is needed to fill in your password. As you see, the process is really simple and doesn’t require lots of steps. On MacOS, this protocol is called Remote login.
Once you have enabled the protocol, you can proceed to the creation of SSH keys. Type the following command:
ssh-keygen
Then, it is needed to specify the key you are creating. The possible value for the type of key could be dsa, rsa1, or rsa. The most common is rsa, so let’s create:
ssh-keygen -t rsa
After that, you will be asked where you would like to save it and by pressing enter, you are choosing a default location. The next step will be password generation. In such a way, the key is saved in the chosen location.
Locating the Concealed .ssh Directory
Once you have saved the key in a certain folder, you may want to somehow access this directory. The period before SSH shows that it is concealed. There are 2 variants to unhide the files. The first one is possible via terminal usage. Type the following command:
defaults write com.apple.finder AppleShowAllFiles YES
killall Finder
The second method is by utilizing additional soft. You can choose Funter or any other. If you have done everything correctly then you will locate this concealed directory.
Generating SSH Keys on a Windows PC
Windows users should check whether the OpenSSH is installed. If yes, you should open a command prompt and run it as admin.
To generate SSH key, use the following command:
ssh-keygen
As with MacOS, by pressing Enter, the key will be saved by default. If you want any specific folder, then you should specify it. Then enter the password, and the system will generate the key.
The public key usually has .pub in the end, while the private looks like – id_rsa. To review the content of both keys, you can use Notepad.
Integrating the SSH Key with your Local Machine
Now, you have basic variants of SSH key generation so let’s discuss another good option. Key creation in the cPanel of a webhost includes the following steps:
- On your MAC system, start with the creation of the doc called “id_dsa”.
- Login to the cPanel and create keys
- Copy and paste the created key into the “id_dsa”
- Enter the terminal and type the following command:
ssh-add id_dsa
- Then run NAME@HOST-p18765 (where instead of NAME fill in your username and HOST should be replaced with server IP)
Once the key is successfully generated, add this key to the local machine by the next command:
ssh-add name_of_keyf
Instead of keyf, you should fill in the file name where is the generated key. Don’t forget to add a period before the name of the file in case it is hidden.
Now we have completed the process and our PC is recognizing the key that was provided by the webhost. The next issue is that OS accepts this specific file as not secure.
Adjusting Keyfile Permissions
To adjust permission of the keyfile, there are a couple of options you may consider:
- Start with the usual changing of the permission as will other files you have. However, there might be some issues that stop you from easy adjustment. If that doesn’t function then try the following method.
- Add keyfile to the.shh directory. As you see, there is a period so the folder will be hidden and more protected. In case that doesn’t function, then we have the 3rd variant.
- Adjust the .ssh directory’s permission.
For changing the permission of the file with SSH key, the next command is needed:
sudo chmod <span class="hljs-number">600</span> /path/to/my/key.pem
Except for the changed permission line, you will also need to enter the computer pass and pass for SSH key. The following step will be to connect to the Siteground server. For this purpose, you will need to download git repos.
Downloading a Website's Git Repository
The user should start from the cPanel and then navigate SG-GIT menu where the repository was set up. From here, it will be possible to copy the git clone. By simply typing this specific command into the terminal the repository will be coping to the local device. Starting from here, it is possible to add the repository to the GIT soft such as for instance GitTower.
Conclusion
As we have already discussed, SSH is a network protocol that is applied to guarantee an encrypted and fully secure connection between 2 machines. In this article, we have shared lots of helpful information about enabling SSH, generating SSH keys on Windows as well as on Mac systems, locating concealed directory, integrating the SSH key, adjusting Keyfile permissions, and more.
Generally speaking, SSH key usage is considered to be a more convenient, safe, and reliable method of accessing remote systems when compared with the standard credential approach. SSH keys’ usage is a great variant for all users who are searching for cloud security, tunneling, convenient authentication, secure protocol, and safe management of remote devices. Of course, as with other methods, there are some drawbacks as well, but the benefits definitely outweigh them. That’s why mastering SSH management is really important!