How To Generate SSH Key In MacOSX?

SSH is used to connect remote systems in a secure way via the command-line interface. Apple operating system MacOSX supports SSH as a built-in function. MacOSX is a Unix derivative like the Linux distributions and provides similar commands and command-line usage. SSH keys are used to authenticate remote systems without a password. In this tutorial, we will learn how to create different types and size SSH keys in MacOSX for passwordless authentication and login for SSH.

Open Terminal

As the ssh-keygen is a command-line tool we will first open the command line interface which is provided via terminal. In order to open the terminal follow these steps.

  • Click to the Finder
  • Click to the Applications
  • Select Utilities
  • Click to the Terminal

Then the terminal is opened it will provide you the command prompt with your computer name and user name.

Generate SSH Key with ssh-keygen

SSH uses 2 keys called Public Key and Private Key. The keys are related to each other where the data encrypted with the Public Key can be decrypted with its Private Key. The ssh-keygen command will create both of these keys. The following command will generate the Public and Private SSH key pair.

$ ssh-keygen -t rsa

When this command is executed the SSH key generation process will start and ask us some questions about the keys like below.

Generating public/private rsa key pair.
Enter file in which to save the key (/home/ismail/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ismail/.ssh/id_rsa
Your public key has been saved in /home/ismail/.ssh/
The key fingerprint is:
SHA256:5oS6IpD7+2vP7LR0C4SAdJonOAPhdhDzDbNYK1IjxLo [email protected]
The key's randomart image is:
+---[RSA 3072]----+
|B+= | |==X. |
|BO.* . |
|+o=. . . |
| o . o S |
|E o + |
|.. . + o |
|o . .* + . |
| oo=++* . |
  • Enter file in which to save the key (/home/ismail/.ssh/id_rsa):” ask the location where the SSH keys saved.
  • Enter passphrase (empty for no passphrase):” ask password to encrypt generated keys which will be more secure but a bit less practical. If you have disk encryption do not use it and provides a password.
  • Your identification has been saved in /home/ismail/.ssh/id_rsa” is the Private SSH key location and name.
  • Your public key has been saved in /home/ismail/.ssh/” is the Public SSH key location and name.

Generate RSA SSH Key

The ssh-keygen can be used to generate different types of keys like ECDSA, RSA, etc. The RSA is the default key type which is generated automatically but you can also specify this key type explicitly if it does not default in your case. The -t option is used with the rsa parameter like below.

$ ssh-keygen -t rsa

Generate DSA SSH Key

ECDSA is another popular cryptographic protocol that is used as an SSH key type. The ssh-keygen command can be used to create the ECDSA SSH key by providing the -t option with the ecdsa parameter like below.

$ ssh-keygen -t ecdsa

Generate 4096 Bit SSH Key

By default the key size is 2048. The size of the key sets the security of the communication but higher key size means more security less performance. We can also create 4096 bit SSH key by using the -b option and specifying the size as 4096.

$ ssh-keygen -b 4096

The SSH key size parameter can be also used with the key type parameter like below.

$ ssh-keygen -b 4096 -t rsa

$ ssh-keygen -b 4096 -t ecdsa

Copy SSH Key Remote Server For Passwordless Login

The generated key can be copied to the remote system in order to use passwordless authentication or key-based authentication without typing the password again and again. The ssh-copy-id command is used to copy our current key to the remote SSH system.

$ ssh-copy-id [email protected]

Alternatively the hostname of the remote system can be used instead of the IP address.

$ ssh-copy-id [email protected]

Now you can use the ssh command in order to login remote system without password like below.

$ ssh [email protected]

Leave a Comment