Use SSH Keys to Access a Remote Mac

February 2, 2019

Estimated time: 5m Difficulty: 2/5

This guide will explain how you can log in via  SSH to a remote computer or server that is running macOS without using your password. As an added benefit, this process will also permit you to add the remote Mac in question to your ssh config file, and thus to log into it by simply typing, e.g. ssh macserver from the command line.

Step 1

First, you will need to generate a set of SSH keys on your local computer — i.e. the one you’re using to SSH in to the remote Mac. If you already have a set of SSH keys installed on your local computer, you can skip this step.

If you do not have keys installed on your local computer, you can generate a set by running the following (replacing [note] with your own note, of course):


      ssh-keygen -t rsa -C "[note]"

There is no need to add a password to the key. This guide assumes that you will save the new keys in the suggested directory, which is ~/.ssh.

Step 2

Next, you will need to generate a set of SSH keys on the remote Mac — i.e., the one you’re logging into — so that the necessary ~/.ssh folder structure is created, along with the known_hosts file. If you have already done this, you can skip this step. If you have not, repeat the instructions above on your remote Mac.

NOTE You will also need to ensure that you have switched on Remote Login in System Preferences → Sharing.

Step 3

To copy your public SSH key over to the remote Mac, we will use cat. You will need to know:

  • The location in which your public SSH key is stored. If you installed the key using the exact process outlined in Step 1, this will be ~/.ssh/id_rsa.pub. If you saved the key elsewhere, make a note of its location on your local machine
  • The address of the remote Mac to which you want to add the key
  • Your username and password on the remote Mac to which you want to add the key

Supposing that the public SSH key is located at ~/.ssh/id_rsa.pub, your username on the remote Mac is charles, and your remote Mac’s IP address is 10.0.1.2, you can copy the key over by running:


      cat ~/.ssh/id_rsa.pub | ssh charles@10.0.1.2 'cat >> ~/.ssh/authorized_keys'

NOTE You will be prompted for your account password once you press enter.

Step 4

You will now be able to log in without using your password. To do this, you can type ssh followed by your username and the address of the remote Mac. In our example, this would be:


      ssh charles@10.0.1.2

Step 5

We strongly recommend saving your configuration in your SSH config file so that you can use easy-to-remember shortcuts to log in to all your devices. A full guide explaining how to do that can be found here.

Versions

macOS: 10.14.3
Notice an error?

Have we got something wrong? Please let us know and we’ll fix it right away.

Categories
Mac macOS

Join the Discussion

Your email address will not be published. Required fields are marked *