Skip to main content

Mac OS X key-based ssh login

To set up key-based SSH, you must generate the keys the two computers will use to establish and validate the identity of each other. To do this run, the following commands in Terminal: Check to see whether a .ssh folder exists in your home directory by running the command ls -ld ~/.ssh. If .ssh is listed in the output, move to step 2. If .ssh is not listed in the output, run mkdir ~/.ssh and continue to step 2. Run: cd ~/.ssh Run: ssh-keygen -b 1024 -t dsa -f id_dsa -P '' This command generates the public and private keys. The -b flag sets the length of the keys to 1,024-bits, -t indicates to use the DSA hashing algorithm, -f sets the file name as id_dsa, and -P '' sets the private key password to be null. The null private key password allows for automated SSH connections. Run: touch authorized_keys2 Run: cat id_dsa.pub >> authorized_keys2 Run: chmod 400 id_dsa The permissions on the private key must be set so that the file is not world readable. Run: scp authorized_keys2 user@host :~/.ssh/ This command copies the public key and the authorized key lists to the specified user's home directory on the remote computer. If you need to establish two-way communication between servers, repeat the above process on the second computer. It is not secure to copy the private key of one computer to another computer. This process must be repeated for each user that needs to be able to open a key-based SSH session. The root user is not excluded from this requirement. The home folder for the root user on OS X is typically located at /var/root/.

Popular posts from this blog

Mac OS X "SOE" Day 7

Page Redirection> continued from day 6...

In summary, here is my method for creating a Mac OS X 10.7.3 Standard Operating Environment "SOE" Image.


Overview The goal is to create a "MASTER" non-booted SOE that can be used with multiple models and it multiple sites with different local requirements.

My intention is to use this "MASTER" image in a manual restore procedure due to the fact netboot facilities cannot be made available to all the sites I support however the DMG files are netboot compatible.

RequirementsLion Recovery Disk Assistant v1.0"TARGET" workstation. A compatible workstation that will be used to install Mac OS X 10.7.3 and capture a DMG image(s)."ADMIN" workstation. A workstation with Disk Utility that you will use to capture your DMG image(s).External storage such as a USB HARD DISK. SetupDownloaded the Lion Recovery Disk Assistant v1.0 and followed the instructions to setup an external Recovery D…

TFTP on Mac OS X 10.7 shell script

I've just started getting into Cisco support a little more. It's my goal to eventually specialise (its probably the first time I've found something in I.T. support that I don't eventually get bored with ). Since I've got about 1 of each OS I need make sure I can perform my job on anything. Was working on my macbook pro and needed to download some router configs. Give tftp a kick on Mac OS X 10.7 #!/bin/bash #* TFTP.sh #+ A quick script to enable/disable tftp (for use with cisco devices). #+ Usage: TFTP.sh on NO_ARGS=0 if [ $# -eq "$NO_ARGS" ] # no arguments? then /bin/echo "Disabling tftp." #+ Always unload, just to be on the safe side. sudo launchctl unload -w /System/Library/LaunchDaemons/tftp.plist #+ Cleanup any files so they aren't floating around ;) /bin/echo "Removing default tftp files." sudo /bin/rm -f /private/tftpboot/running-config sudo /bin/rm -f /private/tftpboot/startup-config sudo /bin/rm -f /private/tft…